Add env as a forbidden function

[phillipdebruin]

Laravel config cache is great, but when it's enabled .env values are all null. We tend not to enable it on our dev environment, but on production. The use of the env() helper could easily slip into our code. A sniffer for it would be a good idea then.

[williamdes]

    <!-- Ban some functions -->
    <rule ref="Generic.PHP.ForbiddenFunctions">
        <properties>
            <property name="forbiddenFunctions" type="array">
                <!-- https://github.com/flickerleap/phpcs/issues/1#issue-352498247 -->
                <!-- DO NOT USE env() or getenv() because it will break laravel env/config caching -->
                <element key="env" value="config"/>
                <element key="getenv" value="config"/>
            </property>
        </properties>
    </rule>

    <rule ref="Generic.PHP.ForbiddenFunctions">
        <exclude-pattern>config/*.php</exclude-pattern>
    </rule>