crisu83 / php-expression
A modest library for safe evaluation of PHP expressions.
dev-master
2013-07-22 14:50 UTC
This package is auto-updated.
Last update: 2024-12-29 04:02:57 UTC
README
A modest library for safe evaluation of PHP expressions.
Why would I want that?
Sometimes you cannot avoid using eval in php, e.g. if you have a rules engine that uses php expressions and its business rules. When you need to use eval you want a safe environment to do so, that's where php-expression comes in. Using php-expression you can check the syntax, safely test your expressions before evaluating them and catch exceptions that may occur. By default php-expression does not allow to use any language constructs or functions, but you can configure it to allow anything you want.
How do I use it?
<?php // Require the library files. // Alternatively you can require it using Composer (http://getcomposer.org/). require(__DIR__ . '/path/to/php-expression/Expression.php'); require(__DIR__ . '/path/to/php-expression/Exception/Fatal.php'); require(__DIR__ . '/path/to/php-expression/Exception/NotSafe.php'); require(__DIR__ . '/path/to/php-expression/Exception/Runtime.php'); require(__DIR__ . '/path/to/php-expression/Exception/Syntax.php'); // Define an example class that we will use in this example. class Test { public function foobar() { return 'foobar'; } } // This is code that we will run through the expression object. $code = '$test = new Test; return $test->foobar();'; // Create a new expression for the code above. $exp = new \Crisu83\PhpExpression\Expression($code); // Allow the 'new' keyword to be used in the expression. $exp->setAllowedKeywords(array('new', 'return')); // Allow the class 'Test' to be used in the expression. $exp->setAllowedClassNames(array('Test')); // Allow the method 'foobar' to be called in the expression. $exp->setAllowedFunctions(array('foobar')); // Evaluate the code and catch any exceptions that may occur. $result = null; try { $result = $exp->evaluate(); } catch (Exception $e) { // In this example we just print the error message. echo $e->getMessage(); } // Output the result which is 'foobar'. echo $result;