I use eval() in my current project like this:
if (class_exists($class_name)) //$class_name depends on user input
eval($class_name.'::MyStaticMethod()');
eval() is executed if and only if class with the name $class_name exists so it's kinda safe, but I still don't think that this is the best solution.
Can I do the same what code above does without eval()?
I have recently answered this question. The last part of my answer perfectly answers this question and is much more useful for future readers than answers provided here. That's why I am answering my own question.
PHP has features that gives possibility to avoid using eval in most cases:
PHP is very dynamic language. It has ability to do following stuff with strings:
Define and/or get variable (supported from PHP 4.3). For example:
$variableName = 'MyVariable';
// Create new variable with the name defined in variable $variableName
${$variableName} = 'MyValue';
//Outputs: string(7) "MyValue"
var_dump($MyVariable);
//Outputs: string(7) "MyValue"
var_dump(${'MyVariable'});
Demo
Call function (supported from PHP 4.3). For example:
// Create function with the name defined in variable $functionName
function MyFunction($argument) {
return 'Argument passed is: '.$argument;
}
$functionName = 'MyFunction';
// Outputs:
// string(48) "Argument passed is: Calling MyFunction directly."
var_dump(MyFunction('Calling MyFunction directly.'));
// Outputs:
// string(51) "Argument passed is: Calling MyFunction with string."
var_dump($functionName('Calling MyFunction with string.'));
Demo
Create instance of class (supported from PHP 5.0). For example:
class MyClass {
public function __construct() {
echo 'Constructing MyClass'."\n";
}
}
$className = 'MyClass';
$objFromString = new $className();
// Outputs: object(MyClass)#1 (0) {}
var_dump($objFromString);
Demo
Call static method (supported from PHP 5.0). For example:
class MyClass {
public static function staticMethod() {
return 'MyClass::staticMethod called';
}
}
$staticMethodName = 'staticMethod';
// Outputs: string(28) "MyClass::staticMethod called"
var_dump(MyClass::$staticMethodName());
Demo
And from PHP 5.3 class name can also be defined by string. Example:
class MyClass {
public static function staticMethod() {
return 'MyClass::staticMethod called';
}
}
$className = 'MyClass';
$staticMethodName = 'staticMethod';
var_dump($className::$staticMethodName());
var_dump($className::staticMethod());
Demo
Call instance method of object (supported from PHP 5.0). For example:
class MyClass {
public function instanceMethod() {
return 'MyClass::instanceMethod called';
}
}
$methodName = 'instanceMethod';
$obj = new MyClass();
// Outputs: string(30) "MyClass::instanceMethod called"
var_dump($obj->$methodName());
Demo
Access static and instance properties of object (supported from PHP 5.0). For example:
class MyClass {
public static $myStaticProperty;
public $myInstanceProperty;
}
$staticPropertyName = 'myStaticProperty';
$instancePropertyName = 'myInstanceProperty';
MyClass::${$staticPropertyName} = 'my static value';
$obj = new MyClass();
$obj->{$instancePropertyName} = 'my instance value';
var_dump(MyClass::${$staticPropertyName});
var_dump($obj->{$instancePropertyName});
Demo
PHP has two functions: call_user_func and call_user_func_array for dynamic function/method calls. Both are perfectly documented so I won't go in details here.
Even if everything above is not enough PHP 5 comes with great Reflection API. Unfortunately, documentation has few examples but reflection is quite large topic to cover here. Basically, It's not a big deal to use reflection after reading how it works.
I'd suggest call_user_func.
An alternative to call_user_func() would be calling it like this:
$class_and_method = 'Class::MyStaticMethod()';
$class_and_method();
yes:
call_user_func(array($class_name, 'MyStaticMethod'));
As of PHP 5.3+,
$class_name::MyStaticMethod();
Adisory:
userinput + eval = security hole;
Also eval is an expensive operation requiring parsing the string into an actionable format (parse tree, abstract syntax tree, etc.) and executing the new found logic.
You don't want to eval every little tidbit of code. Use eval if you have something for it to chew on or rather put that logic somewhere where it's reusable and parametrized such as a function.
Also as of php 5.4
$method = array('class_name', 'method_name');
$method(); // calls class_name::method_name()
Related
what is the best way (memory safe) to use call_user_func from self instance eg.:
call_user_func(array($this, 'method'));
or by reference, eg.:
call_user_func(array(&$this, 'method'));
PS. i know the best way is $this->method but for framework design pattern reason (Wordpress) i do use call_user_func
If I am aware, it doesn't really matter, because PHP will do the same thing in both cases: will just pass reference to the same object (the object will be not cloned). So for simplicity, I would go without &
Some test:
class test
{
function foo() {
call_user_func([$this, 'bar']);
call_user_func([&$this, 'bar']);
}
private function bar() {
echo spl_object_hash($this), PHP_EOL;
}
}
and outputs:
php > $obj = new test();
php > $obj->foo();
0000000025077e4a0000000075174bd2
0000000025077e4a0000000075174bd2
As I am learning how PHP OOP works, I stumbled upon the following confusion.
class Foo {
static function baz() {
echo 'works';
}
}
# 1
$a = 'Foo';
$a::baz();
# 2
Foo::baz();
PHP manual states that since 5.3.0, it is possible to reference a static class via a string (http://php.net/manual/en/language.oop5.static.php)
What I don't understand is, what is the different between #1 and #2? Aren't they technically the same since both are calling a static function without initiating a class? Where can #1 be applied in practical scenario?
The difference is in a version. Before PHP5.3 you cannot use static methods with variable.
Also, second one 'hide' using of a class. Your IDE could not find class usage.
Also you could use object to call static methods.
class Foo {
static function baz() {
echo 'works';
}
}
eval(
'$a = "Foo";
$a::baz();');
eval(
'$a = new Foo();
$a::baz();');
eval(
'Foo::baz();');
http://3v4l.org/WOK44
I have a class that generates data based on a few things. I would like to format that data from the outside. So I am trying to pass a function into the class so that it would format that data. I have looked at many examples, but it seems this is unique.
Can anybody give an idea of how to do this? The following code gives an error.
<?php
class someClass {
var $outsideFunc; // placeholder for function to be defined from outside
var $somevar='Me'; // generated text
function echoarg($abc){
$outsideFunc=$this->outsideFunc; // bring the outside function in
call_user_func($outsideFunc,$abc); // execute outside function on text
echo $abc;
}
}
function outsidefunc($param){ // define custom function
$param='I am '.$param;
}
$someClass=new someClass();
$someClass -> outsideFunc = 'outsideFunc'; // send custom function into Class
$someClass -> echoarg($someClass->somevar);
$someClass -> outsidefunc = 'outsidefunc';
In PHP, function names are not case sensitive, yet object property names are. You need $someClass->outsideFunc, not $someClass->outsidefunc.
Note that good OOP design practice calls for the use of getter and setter methods rather than just accessing properties directly from outside code. Also note that PHP 5.3 introduced support for anonymous functions.
Yeah. You are right. Now there is no error. But it does not work either.
By default, PHP does not pass arguments by reference; outsidefunc() does not actually do anything useful. If you want it to set $param in the caller to something else, and do not want to just return the new value, you could change the function signature to look like this:
function outsidefunc(&$param) {
You would also need to change the way you call the function, as call_user_func() does not allow you to pass arguments by reference. Either of these ways should work:
$outsideFunc($abc);
call_user_func_array($outsideFunc, array(&$abc));
Why not pass your function as an argument?
<?php
class someClass {
public $somevar="Me";
public function echoarg($abc,$cb=null) {
if( $cb) $cb($abc);
echo $abc;
}
}
$someClass = new someClass();
$someClass->echoarg($someClass->somevar,function(&$a) {$a = "I am ".$a;});
i am not sure what exactly you are looking for, but what i get is, you want to pass object in a function which can be acheive by
Type Hinting in PHP.
class MyClass {
public $var = 'Hello World';
}
function myFunction(MyClass $foo) {
echo $foo->var;
}
$myclass = new MyClass;
myFunction($myclass);
OP, perhaps closures are what you're looking for?
It doesn't do EXACTLY what you're looking for (actually add function to class), but can be added to a class variable and executed like any normal anonymous function.
$myClass->addFunc(function($arg) { return 'test: ' . $arg });
$myClass->execFunc(0);
class myClass {
protected $funcs;
public function addFunc(closure $func) {
$this->funcs[] = $func;
}
public function execFunc($index) { $this->funcs[$index](); } // obviously, do some checking here first.
}
ok I do have the code below
<?php
class foo{
public $bar = NULL;
public function boo(){
$this->bar();
}
}
$mee = new foo();
//save a closure function on the property
$mee->bar = function(){
echo 'hahaha';
};
//invoke the closure function by using a class method
$mee->boo();
?>
and you can see it running here http://codepad.org/s1jhi7cv
now what i want here is to store the closure function on the class method.
well closures are possible as i read the documentation about it here http://php.net/manual/en/functions.anonymous.php
is this possible? did i went to something wrong? please correct me
Your example code at codepad.org does not work because codepad.org uses PHP 5.2.5, and closure support was only added in 5.3.
However, your code will also not work in a PHP version that supports closures, although you will get a different error: http://codepad.viper-7.com/Ob0bH5
This is a limitation of PHP at present. $obj->member() looks for a method named member and will not look at properties to see if they are callable. It is, frankly, annoying.
The only way I am aware of to make this work without call_user_func()/call_user_func_array() is:
public function boo() {
$func = $this->bar;
$func();
}
You need to exploit some magic functionality of PHP (__call) to make use of that. Extend from Extendable for example:
class Extendable {
static function import($context) {
$self = new static();
while (is_callable($context)) $context = $context($self);
if (is_array($context) || is_object($context) || is_a($context, 'Traversable')) {
foreach($context as $key => $value)
$self->$key = &$value; # preserve keys if
}
return $self;
}
public function __call($name, $args) {
if (isset($this->$name) && is_callable($this->$name)) {
return call_user_func_array($this->$name, $args);
}
throw new BadFunctionCallException(sprintf('Undefined function %s.', $name));
}
}
And you can do the job. It's not that nice. Background and examples are in one of my blog posts:
PHP: Extending stdClass with Closures (plus Visitor)
You can naturally implement that magic functionality your own, too.
Use call_user_func() function:
<?php
class foo{
public $bar = NULL;
public function boo(){
call_user_func($this->bar);
}
}
$mee = new foo();
//save a closure function on the property
$mee->bar = function(){
echo 'hahaha';
};
//invoke the closure function by using a class method
$mee->boo();
This will display "ahahah"
Hope it helps.
You will not be able to do that.
Take for example this code:
class T {
function foo() {
echo 'T::foo';
}
}
$t = new T;
$t->foo = function() {
echo 'Closure::foo';
};
$t->foo();
It works fine on PHP 5.4.6 and/or PHP 5.3.16, however it will result in T::foo getting printed.
This happens because methods, in PHP, are not modifiable class properties, as they are for example in javascript.
However,
$foo = $t->foo;
$foo();
will print Closure::foo as expected.
PHP is not a prototype based language hence you cannot redefine functions
Use __call to catch all non-defined methods and then look up the closure and invoke it. Take a look at my post on this SitePoint thread.
Starting at php 7, you can put round brackets around the instance and method to call the method like so: ($this->bar)();.
This appears to cause a syntax error on earlier versions however.
Helo everyone.
I have a class MyClass and a function escape() that can be called as a static class or as an instantiated Object.
MyClass::_escape('..... some string...');
or
$myclass->escape();
What I would like is not to have the underscore on the staic version and for both just have the same function definition. I trie to do.
class MyClass {
public $_string = "";
public function escape($string = null) {
if($string == null)
return new String(mysql_real_escape_string($this->_string));
else
return new String(mysql_real_escape_string($string));
}
}
but this function fails by the PHP parser. Is there a way of doing what I attempted to above??
So to summarise, I would like the static call to look like;
print Myclass::escape('some string');
and the instantiated call to look like;
print $myobject->escape(); //Which escapes the private variable _string
Hope this was clear.
regards
public function _escape($s){
return self::escape($s);
}
What you're trying to achieve won't work without at least some kind of error:
Example using static:
error_reporting(E_ALL ^ E_STRICT);
class MyClass
{
// note the *static* keyword
public static function escape($string = null) {
// $this is not defined, even if called as object-method
var_dump(isset($this));
}
}
$foo = new MyClass();
$foo->escape(); // => bool(false)
MyClass::escape(); // => bool(false)
So, if you remove the static keyword and try again, you'll get:
$foo->escape(); // => bool(true)
but also:
Strict Standards: Non-static method MyClass::escape() should
not be called statically ...
for
MyClass::escape(); // => bool(false)
There are no parse errors in the code you posted. In fact, it works just as you want it to work, as long as you never pass $string to the escape() method in an object context:
$foo = new MyClass();
$foo->_string = 'foo';
$foo->escape(); // This works.
MyClass::escape('bar'); // This works, too.
$foo->escape('baz'); // Don't do this. It'll escape $string instead of $this->_string.
You could resolve this issue by determining whether or not you're in a static context within the escape() method, instead of checking for the existence of $string.