Sunday, August 5. 2007
 |
 |
 |
 |
Posted by Frank Kleine
in
Planet PHP Comments (3) Trackbacks (0) |
 |
 |
 |
 |
My wishlist for PHP6, pt6: improvements to ext/reflection
For some reasons I had the need to reimplement PHP's serialize() and unserialize() functions in userland. While the Reflection API would be of great benefit for introspecting objects and grab the values of the object's properties it is not suited for this task - trying to read or set a protected or private property results in an ReflectionException. However, there are some ways to get around this restriction.
Getting the value of protected or private properties is somewhat simple: just cast the object to an array:
The result will look like:
Now it is very simple to iterate over the array and grab the values of the respective property. Using this it is just a bunch of some more code to reimplement serialize() in userland. Reimplementing unserialize() is a bit trickier, because it is really hard to set protected and private properties (but not impossible).
Probably you already heard of var_export(). Using this function returns a string that can be eval()'d, that is it gives you valid PHP code to execute. This code contains a method call ClassName::__set_state(). Using this magic method you can recreate your object from userland unserialize(). Well, it is not that simple. It gets really tricky with nested objects and as soon as one of the objects you want to unserialize does not contain this method there is no way to set the protected and private properties.
So, whats the lesson from this? If PHP offers possibilities to read the value of protected and private properties (and with some hackish workarounds even to set them) anyway, why just not allow this within the Reflection API? No, "because it allows developers to shoot themself in their foot" is not a valid reason. Developers will always find a way to shoot themself in their foot, regardless of the measures you undertake to protect them.
By the way, it would be really nice if the reflection methods just return NULL instead of FALSE when something is not available. But that is another story about "the PHP way".
Getting the value of protected or private properties is somewhat simple: just cast the object to an array:
class Foo
{
public $foo = 'foo';
protected $bar = 'bar';
private $baz = 'baz';
}
$foo = new Foo();
$fooProperties = (array)$foo;
var_dump($fooProperties);
The result will look like:
array(3) {
["foo"]=>
string(3) "foo"
["\0*\0bar"]=>
string(3) "bar"
["\0Foo\0baz"]=>
string(3) "baz"
}Now it is very simple to iterate over the array and grab the values of the respective property. Using this it is just a bunch of some more code to reimplement serialize() in userland. Reimplementing unserialize() is a bit trickier, because it is really hard to set protected and private properties (but not impossible).
Probably you already heard of var_export(). Using this function returns a string that can be eval()'d, that is it gives you valid PHP code to execute. This code contains a method call ClassName::__set_state(). Using this magic method you can recreate your object from userland unserialize(). Well, it is not that simple. It gets really tricky with nested objects and as soon as one of the objects you want to unserialize does not contain this method there is no way to set the protected and private properties.
So, whats the lesson from this? If PHP offers possibilities to read the value of protected and private properties (and with some hackish workarounds even to set them) anyway, why just not allow this within the Reflection API? No, "because it allows developers to shoot themself in their foot" is not a valid reason. Developers will always find a way to shoot themself in their foot, regardless of the measures you undertake to protect them.
By the way, it would be really nice if the reflection methods just return NULL instead of FALSE when something is not available. But that is another story about "the PHP way".
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as
(Linear | Threaded)
Setting private and protected Members via Reflection API would offer a new way for Data Mappers too. I hope they will change this behaviour.
regards Stefan
regards Stefan
I'd vote for:
// Get property
$prop= $class->getProperty('x');
// ...grab access
$prop->setAccessible(TRUE);
// ...and then read/write as usual:
$value= $prop->getValue($instance);
$prop->setValue($instance, $value);
This way it's explicit.
// Get property
$prop= $class->getProperty('x');
// ...grab access
$prop->setAccessible(TRUE);
// ...and then read/write as usual:
$value= $prop->getValue($instance);
$prop->setValue($instance, $value);
This way it's explicit.
This is a ridiculous limitation. I have a perfectly legimate reason for wanting to do this and I can't. Very frustrating.
Thanks for the solutions Frank but I just can't bring myself to implement one for setting - the performance hit would make it a vein activity alone.
Thanks for the solutions Frank but I just can't bring myself to implement one for setting - the performance hit would make it a vein activity alone.
Calendar
|
September '10 | |||||
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | |||
Archives
Categories
Quicksearch
Blogs we read...
Syndicate This Blog
Blog Administration
