From: nightcat at poczta dot onet dot pl Operating system: * PHP version: 5.0.0b1 (beta1) PHP Bug Type: Feature/Change Request Bug description: Way to lock objects/properties/variables for include
Description: ------------ Basicly, everyone who creates CMS at some point want to add modules, or any other type of space for additional code. But also we want this code to be signed as "untrusted", because we _are_ afraid about this code (we don't know). It would be really great to be able to lock some things for include code. I don't have any clear vision of this, but i'll try to paste example of my intention. Reproduce code: --------------- lock_variables($db->password, $accountPassword); block_functions(mail, fopen, file); include_once('module.inc'); unblock_functions(mail, fopen, file); unlock_variables($db->password, $accountPassword); Expected result: ---------------- It's only idea. I'd expect that from inside of this include (and any recursive) there want be any possiblity to use those functions and modify those variables. Secondly it would be really _great_, if if functions called from inside of include could use everything normally. For eg. there won't be any way to modify DB password (which is property of object $db) but calling $db->connect would work normally (if it's not blocked by block_functions() ). Actual result: -------------- There is really no way in PHP4 to prevent some untrusted parts from do what they want with whole CMS. In PHP5 i can do it but in very tricky and dirty way. -- Edit bug report at http://bugs.php.net/?id=24732&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=24732&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=24732&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=24732&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=24732&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=24732&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=24732&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=24732&r=support Expected behavior: http://bugs.php.net/fix.php?id=24732&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=24732&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=24732&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=24732&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=24732&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=24732&r=dst IIS Stability: http://bugs.php.net/fix.php?id=24732&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=24732&r=gnused