Hy,
a friend of mine asked me why someone can change private and protected
properties from an class within PHP.
From my understanding of OOP and class handling a private property must not
be changed or visible from outside the class.
And protected properties should only be visible and
First of all, I think it is important to note that this has nothing to
do with security. Anyone who relies on OOP visibility features for any
security is making a serious mistake, these are not security features
and should not be used as such.
From my understanding of OOP and class handling
Malyshev [EMAIL PROTECTED]
To: Thomas Weidner [EMAIL PROTECTED]
Cc: fw-general@lists.zend.com
Sent: Thursday, February 08, 2007 12:59 PM
Subject: Re: [fw-general] PHP5 Security
First of all, I think it is important to note that this has nothing to do
with security. Anyone who relies on OOP
Hmm, the bug report doesn't try changing a private property. It changes
the public properties of the StdClass. StdClass's properties are always
public.
Am i missing something?
Andriesss
Thomas Weidner schreef:
Hy,
a friend of mine asked me why someone can change private and protected
You are right but the content of a private property will be manipulated
and I think it is the same if you change a private property directly or
the content of it. You are changing its state.
Hmm, the bug report doesn't try changing a private property. It
changes the public properties of the
-- Jan Pieper [EMAIL PROTECTED] wrote
(on Thursday, 08 February 2007, 09:30 PM +0100):
You are right but the content of a private property will be manipulated
and I think it is the same if you change a private property directly or
the content of it. You are changing its state.
Even in the
Okay, it is no security lack, and you cannot manipulate non object
properties but it also shouldn´t be possible to change a state of an
private property containing an object. It is very abstract but there is
the possibility to manipulate the object and i think it is an error. You
must not have
Is this normal behaviour ??
Was my prof at the university wrong with standard oop definitions ??
I think this behaviour is normal, because it isn't a object anymore. you
cast it explicit to an array.
it would be strange, if you wouldn't be able to access any element of an
array.
Chris
Hy,
Is this normal behaviour ??
Was my prof at the university wrong with standard oop definitions ??
I think this behaviour is normal, because it isn't a object anymore. you
cast it explicit to an array.
it would be strange, if you wouldn't be able to access any element of an
array.
, February 08, 2007 12:55 PM
Subject: Re: [fw-general] PHP5 Security
Okay, it is no security lack, and you cannot manipulate non object
properties but it also shouldn´t be possible to change a state of an
private property containing an object. It is very abstract but there is
the possibility
You are right but the content of a private property will be manipulated
and I think it is the same if you change a private property directly or
the content of it. You are changing its state.
It's definitely not like you change the property directly. It's more
like you would store value in the
11 matches
Mail list logo