ID: 27406
Comment by: patrick at 5etdemi dot com
Reported By: thomas at stauntons dot org
Status: Assigned
Bug Type: Unknown/Other Function
Operating System: All
PHP Version: php5.0-200412100930
Assigned To: iliaa
New Comment:
If the file that is syntax checked has includes, the includes won't be
executed. That means as soon as you use php_check_syntax on such a
file, you won't be able to include it and you won't be able to use it
either because it's included files are MIA. That makes the function
pretty useless for any practical purposes.
Previous Comments:
------------------------------------------------------------------------
[2005-03-07 22:59:52] linus at mccabe dot nu
Another important use for this function would be when using eval()'s to
test the code before eval'ing it. In this case a string would be the
only option and declaring functions would definately not work...
Since this function isn't experimental any more, I assume it cant be
altered to do this, but a new one would need to be implemented?
------------------------------------------------------------------------
[2005-03-03 08:30:18] phpbugs at majiclab dot com
I would have to agree with most of the other posters, that the
php_check_syntax() function as it stands right now does MORE than its
name implies. I feel that a true php_check_syntax() function that
STRICTLY checks the syntax of a file or string and returns TRUE/FALSE
and has reference to an error message is the best. In fact, I would
also like to see the possibility of having an additional reference
variable for the line number of an error.
I am developing a fairly advanced framework that does compile certain
aspects of a web site dynamically. At first glance, I tried to
implement this function to check the syntax of the file both before
saving it and even before including it in the future. However, I ran
into some confusing messages about my classes being redefined and I
couldn't understand until I read the docs closer.
The simple fact is that the REAL functionality of this function is the
syntax checking, NOT the including. Any PHP programmer with more than
5 minutes of experience can probably include an external file. So
adding that particular aspect of the functionality to
php_check_syntax() seems useless. The code I have in my system goes a
little like this:
<?php
...
function includeafile($sFile, $bOnce = FALSE)
{
if (file_exists($sFile)) {
if ([EMAIL PROTECTED]($sFile, $sMessage)) {
error_handler("File '$sFile' has a syntax error:
$sMessage", __LINE__, __FILE__);
} else {
... // go on including the file, etc.
}
}
return FALSE;
}
?>
Now, I started getting errors all of a sudden saying that a class in
the file being included is being redeclared. I thought that odd since
I set $bOnce = TRUE, so it shouldn't ever be included more than once.
I think ideally I should be able to do this:
<?php
...
function includeafile($sFile, $bOnce = FALSE)
{
if (file_exists($sFile)) {
if ([EMAIL PROTECTED]($sFile, $sMessage, $iLine)) {
error_handler("File '$sFile' has a syntax error:
$sMessage", $iLine, $sFile);
} else {
... // go on including the file, etc.
// it should not raise redeclaring errors
}
}
return FALSE;
}
?>
Basically, it should:
1. Not include the file at all, just strictly do a lint check.
2. It would be nice to be able to get the line number of the file (for
debugging purposes).
At the lowest level, this function should be able to run like described
by many others:
<?php
if (php_check_syntax($file, $message)) {
include $file;
} else {
error("Syntax Error: '$message'");
}
?>
It should be up to the PHP programmer to include the file...
------------------------------------------------------------------------
[2005-02-23 17:32:01] de_bruut at hotmail dot com
Couple of points:
1. there are already half a dozen functions that include files or
execute strings
2. there's no other function that allows you to check the validity of a
piece of php code
3. right now, php_check_syntax does more than its name implies (it
includes the file)
4. there are several situations where a 'clean' lint check of php code
is useful (snippet submissions, UNIT TESTS(!), ...)
5. in general, functions should do only one thing, not two only
slightly related things, and one of them badly
I would love to see php_check_syntax implemented as its name implies: a
lint check for a STRING. Not a file (see Wylie's comment), because there
are enough functions to read a file or stream into a string.
If someone wants to include the file afterwards, they only need to add
a single line of code, or they can write their own two-line function.
This even leaves them the choice between include() and include_once(),
something which php_check_syntax does not do at this point.
Did I mention the potential value of php_check_syntax for >> UNIT TESTS
<< yet? php_check_syntax would allow us to check the syntax of a file
(string) as the first of a group of tests for that file/class, and thus
avoiding a potential fatal error, which could interrupt an entire set of
tests on multiple files. Thus, a syntax check could make quite a number
of very serious PHP developers very happy. Not much point if
php_check_syntax immediately includes the file (string) though...
------------------------------------------------------------------------
[2005-02-09 21:42:13] du at bestwaytech dot com
There is one other difference between include and php_check_syntax that
should be noted in the manual. Aside from supressing output buffer, it
only includes functions and classes, it does not set or affect global
variables, the way include() would.
If you have "test.php"
$myvar = 1;
echo $myvar;
function myfunction() {}
class myclass {}
include ("test.php") will set $myvar, print $myvar and set myfunction &
myclass
php_check_syntax("test.php") will ONLY include myfunction & myclass
------------------------------------------------------------------------
[2005-01-29 04:35:48] wylie at geekasylum dot org
There seems to be a lot of discussion on whether this is a bug or a
misuse. Here is something else to consider:
de_bruut mentioned above that a syntax check function as described in
the documentation of this function would be useful for development and
testing, and I agree, but it also has other uses.
I am about to write a code repository website where users can submit
snippets (no smaller than complete functions) and it would be great to
be able to check the syntax of the uploaded code on the fly and reject
or accept it right there while the submitter is still online. This be
one less admin check to do before the code was accepted to the site.
Checking uploaded code snippets from the public is a huge security rick
if the syntax checker includes or executes the code, but a simple lint
check would be a huge boon to developers and code geeks like myself.
In my case, it would be fantastic if we could optionally syntax check a
string rather than a disk file as the code on my site would be stored in
a database (and I imagine many other repositories would do the same).
In the case of this bug a decision needs to be made as to whether the
code or the documentation expresses the true value of this function,
and one or other (ie: the code or the docco) needs to be fixed. This
bug has been open almost a year and it seems that decision still has
not been made.
If the documentation is correct and the function is a simple lint
checker, people can then include() any code that checks as valid if
they desire to, (some dont) but if the syntax checker includes the code
itself, then people like myself cant use it at all as the code to be
checked has no relation to the running website (and should never be
included).
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/27406
--
Edit this bug report at http://bugs.php.net/?id=27406&edit=1
