php-general Digest 17 Dec 2010 14:21:50 -0000 Issue 7091
Topics (messages 310094 through 310099):
Does ReflectionMethod::setAccessible() do anything?
310094 by: David Harkness
310096 by: Nathan Nobbe
Re: String passed to object constructor turning into aninstance of that object?
310095 by: Nathan Nobbe
Re: Error Querying Database
310097 by: Phred White
Re: PHPInfo disabled due to security
310098 by: Paul S
Confusion About WordPress Cache
310099 by: ФêÏ
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
According to the manual page for setAccessible() [1] the feature is
available with 5.3.2, and I'm running
5.3.2-1ubuntu4.5 with Suhosin-Patch (cli) (built: Sep 17 2010 13:49:46)
so I should be good to go. However, even the simplest test to make a
protected or private method accessible fails.
php > class Foo { protected function bar() { echo "foobar\n"; } }
php > $m = new ReflectionMethod('Foo', 'bar');
php > $m->setAccessible(true);
php > $foo = new Foo();
php > $foo->bar();
Fatal error: Call to protected method Foo::bar() from context '' in php
shell code on line 1
I've tried creating the object first, getting to the ReflectionMethod via
ReflectionClass::getMethod(), and making a public method inaccessible, but
all fail. Has anyone used this feature?
The reason I want to do this, in case anyone can suggest a work-around, is
to allow direct unit testing of protected/private methods in classes. What I
do now is have a function that eval()s a dynamic subclass with a __call()
method that proxies to protected methods. This doesn't allow testing private
methods, and it breaks if the class under test has a private/protected
constructor. I can solve the second problem with some further hacking, but
there's nothing I can do about exposing private methods temporarily.
setAccessible() seems perfectly designed to do what I need.
Thanks,
David
[1] http://php.net/manual/en/reflectionmethod.setaccessible.php
--
David Harkness
Senior Software Engineer
High Gear Media
--- End Message ---
--- Begin Message ---
On Thu, Dec 16, 2010 at 6:37 PM, David Harkness
<davi...@highgearmedia.com>wrote:
> According to the manual page for setAccessible() [1] the feature is
> available with 5.3.2, and I'm running
>
> 5.3.2-1ubuntu4.5 with Suhosin-Patch (cli) (built: Sep 17 2010 13:49:46)
>
> so I should be good to go. However, even the simplest test to make a
> protected or private method accessible fails.
>
> php > class Foo { protected function bar() { echo "foobar\n"; } }
> php > $m = new ReflectionMethod('Foo', 'bar');
> php > $m->setAccessible(true);
> php > $foo = new Foo();
> php > $foo->bar();
you just have to invoke the function from the context of the
ReflectionMethod instance
<?php
class Foo { protected function bar() { echo "foobar\n"; } }
$m = new ReflectionMethod('Foo', 'bar');
$m->setAccessible(true);
$m->invokeArgs(new Foo(), array());
?>
-nathan
--- End Message ---
--- Begin Message ---
On Thu, Dec 16, 2010 at 3:21 PM, Kris Deugau <kdeu...@vianet.ca> wrote:
> Nathan Nobbe wrote:
>
>> Why not test for the type of $name at each point of interest in the
>> SelectBoxOption
>> constructor? If you're passing a string value to the constructor it
>> almost
>> has to be getting changed by the Tag constructor, right ?
>>
>> class SelectBoxOption extends Tag {
>> function SelectBoxOption($name, $value, $selected=false) {
>>
>> var_dump(is_string($name));
>>
>> parent::Tag("option", $name);
>>
>> var_dump(is_string($name));
>>
>
> Ah, that gives... well, it slightly alters the confusion.
>
> Using var_dump(is_string($name)) gives... two results?
>
> bool(true)
> bool(false)
>
so you put one check before the call to parent::Tag() & one directly after
right? That means *somehow* $name is getting set to an instance of
SelectBoxOption in the parent constructor which makes little to no sense..
especially after looking at implementation from your later post. Main
things are $name is local in the child constructor and there is no pass by
reference on the $name parameter in the parent constructor definition.
if this code runs w/o error on your 5.2 box, then there's something spurious
going on in that old library;
<?php
class Tag
{
function Tag($sTag='', $sValue='')
{
$this->_sTag = $sTag;
$this->_sValue = $sValue;
}
}
class Child extends Tag
{
function Child($name)
{
var_dump($name);
parent::Tag('option', $name);
var_dump($name);
}
}
$oChild = new Child('content');
?>
expected output:
string(7) "content"
string(7) "content"
I'd still recommend moving to the php5 notation throughout the library,
especially if doing that fixes the problem w/ SelectBoxOption. This
shouldn't break any client code, since clients should all be calling new
Class() and not be explicitly invoking the php4 style constructors. The
php4 style constructors should only be getting called explicitly from within
the library itself.
-nathan
--- End Message ---
--- Begin Message ---
It seems like there are several questions emerging, but ...
Try echoing your query to the page by putting echo $query in your code before
you call mysql, then copy it and run it in phpmyadmin. If it runs then you know
your problem is somewhere else like the connection. This can really help you
find typos that can cause mysterious results.
If you want to use the same page to process the form (my preference) then put a
hidden field in your form like:
<input type="hidden" name="phpaction" id="phpaction" value="process" />
and wrap the form processing code like so:
if (isset($_POST['phpaction'])) {
//process submitted form data
} else {
//processing for initial form entry
}
When the form is initially loaded it will ignore the first part
There are a 1000 ways to do this, but this is pretty straightforward.
On Dec 15, 2010, at 1:34 PM, Gary wrote:
>
> "Steve Staples" <sstap...@mnsi.net> wrote in message
> news:1292440837.5460.8.ca...@webdev01...
>> On Wed, 2010-12-15 at 13:42 -0500, Gary wrote:
>>> I cant seem to get this to connect. This is to my local testing server,
>>> which is on, so we need not worry that I have posted the UN/PW.
>>>
>>> This is a duplicate of a script I have used countless times and it
>>> worked.
>>> The error message is 'Error querying database.'
>>>
>>> Some one point out the error of my ways?
>>>
>>> Gary
>>>
>>>
>>> <form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="post">
>>> <tr>
>>> <td>
>>> <label>Name of Beer</label></td><td><input name="beername" type="text" />
>>> </td>
>>> </tr>
>>> <tr>
>>> <td>
>>> <label>Maker of Beer</label></td><td><input name="manu" type="text" />
>>> </td>
>>> </tr>
>>> <tr>
>>> <td>
>>> <label>Type of Beer</label></td>
>>> <td><select name="type" size="1" id="type">
>>> <option>Imported</option>
>>> <option>Domestic</option>
>>> <option>Craft</option>
>>> <option>Light</option>
>>> </select>
>>> <!--<select name="avail" size="1" id="avail">
>>> <option>Available</option>
>>> <option>Sold</option>
>>> </select>-->
>>> </td>
>>> </tr>
>>> <tr>
>>> <td><label>Sold in</label>
>>> </td><td><input type="checkbox" name="singles" value="Yes" /> Singles<br
>>> />
>>> <input type="checkbox" name="six" value="Yes" /> Six Packs <br />
>>> <input type="checkbox" name="can" value="Yes" /> Cans<br />
>>> <input type="checkbox" name="bottles" value="Yes" /> Bottles <br />
>>> <input type="checkbox" name="tap" value="Yes" /> Draft <br />
>>> <tr>
>>> <td>
>>> <label>Size</label></td><td><input name="size" type="text" />
>>> </td></tr>
>>> <tr><td>
>>> <label>Description</label></td><td><textarea name="desc" cols="40"
>>> rows="5"></textarea>
>>> </td></tr>
>>> <tr><td>
>>> <input name="submit" type="submit" value="Submit" /></td></tr>
>>> </form>
>>> </table>
>>> </div>
>>> <div id="list">
>>> <?php
>>> $beername = $_POST['beername'];
>>> $manu = $_POST['manu'];
>>> $type = $_POST['type'];
>>> $singles = $_POST['singles'];
>>> $six = $_POST['six'];
>>> $can = $_POST['can'];
>>> $bottles = $_POST['bottles'];
>>> $tap = $_POST['tap'];
>>> $size = $_POST['size'];
>>> $desc = $_POST['desc'];
>>> $ip= $_SERVER['REMOTE_ADDR'];
>>>
>>> $dbc = mysqli_connect('localhost','root','','rr')or die('Error connecting
>>> with MySQL Database');
>>>
>>> $query = "INSERT INTO beer (beername, manu, type, singles, six, can,
>>> bottles, tap, size, desc, ip )"." VALUES ('$beername', '$manu', '$type',
>>> '$singles', '$six', '$can', '$bottles', '$tap', '$size', '$desc',
>>> '$ip' )";
>>>
>>> $result = mysqli_query($dbc, $query)
>>> or die('Error querying database.');
>>>
>>>
>>> mysqli_close($dbc);
>>>
>>>
>>>
>>> --
>>> Gary
>>
>>
>> Read Ash's reply... but basically, you're running the query with POST
>> variables, and inserting them on page display as well as on form submit.
>>
>> can you ensure that you can connect from the command line?
>>
>>
>> if you may take some criticism, you should rethink your database design,
>> as well as the page flow/design... you should either post the form to a
>> new page, or if it is back to itself, you should check to see that you
>> have in fact posted it before just blindly inserting into the database
>> (as currently, every time you view the page, you will insert into the
>> database, even if completely empty values).
>>
>
> Steve
>
> Thank you for your reply.
>
> I did not see a reply from Ashley, but I would love to read it.
>
> I always welcome criticism, however this form is for the owner of a bar
> where he will inputing his list of beer that he sells. The rest of the code
> that is not there is I will have the list then echo to screen below the
> form. This is an internal list only, no customers will be seeing it....if
> that makes any difference to your suggestion.
>
> On your one point
>
> <<(as currently, every time you view the page, you will insert into the
> database, even if completely empty values).>>
>
> Is this always the case when you process a form onto itself? Or is there a
> fix?
>
> I did just create a new page, inserted the script onto it, and got the same
> error message.
>
> Again, thank you for your help.
>
> Gary
>
>
>
> __________ Information from ESET Smart Security, version of virus signature
> database 5706 (20101215) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--- End Message ---
--- Begin Message ---
On Thu, 16 Dec 2010 00:13:31 +0700, "Daniel P. Brown"
<daniel.br...@parasane.net> wrote:
Well, phpinfo() does, by default, divulge some things that could
be considered security concerns --- particularly in poorly-managed
environments. Primarily, this is by giving a synopsis of versions and
paths of software, but some versions and configurations will also
broadcast information about the currently logged-in user (PTS/TTY) in
the $_ENV display. Sure, you can display everything manually that
phpinfo() does automatically, but it's easier for some to vilify
something because they heard it was bad than to actually address the
greater issues.
In cases like this, I'd agree with Al's response; there are plenty
of other web hosts out there.
Well, I was hoping for stronger arguments to get that DONE. I would think
there be something in the PHP license
that would FORBID disabling functionality. After all, 'phpinfo' is
essential, really, to achieving secure
applications, isn't it? My setups are secure, I want to keep it that way.
Shouldn't hosters be required
to provide an alternative phpinfo, say behind the login control panel?
I can't see that anyone could upload a phpinfo command to a properly
configured server and execute it. I have
renamed my 'phpinfo.php' file to something innocuous.
Unfortunately I've found changing hosting companies to often result in a
lot of work for just as
obnoxious tech service as the last.
Thank you both for the feedback. It helps. I've had fetching issues past
couple days with my connection but
think I got that will straightened out soon.
--- End Message ---
--- Begin Message ---
I am using WordPress Cache to cache data retrieved from database, using
WP_Cache <http://codex.wordpress.org/Function_Reference/WP_Cache>.
After I used wp_cache_set to set some data in the cache, I try to get it by
wp_cache_get in ANOTHER post request.
However, it failed to retrieve the data I have previously saved.
It is ok if I try to retrieve the data in just one request(place the *set*and
*get * in the same script). *However, in separate *
*
*
*requests, I doesn't work.*
I wonder if I got the wrong idea of what *cache* is. I have it in mind that
*cache *can be preserved even in different requests
from the same user.*Then the cache has nothing different with a variable, I
think!!*
And I am doubting my idea now!
Can anyone help? Or it is not what I am thinking. *Is there any way to
retrieve the same data which has been saved *
*
*
*before(not using database) in separate requests? *
Really thanks for any response!
Best regards!
Xiaohan
--- End Message ---
