runkit
PHP Manual

Runkit_Sandbox_Parent

(No version information available, might be only in CVS)

Runkit_Sandbox_Parent — Runkit Anti-Sandbox Class

说明

void Runkit_Sandbox_Parent::__construct ( void )

Instantiating the Runkit_Sandbox_Parent class from within a sandbox environment created from the Runkit_Sandbox class provides some (controlled) means for a sandbox child to access its parent.

Note: 对沙盒的支持(是函数 runkit_lint()runkit_lint_file() 和 Runkit_Sandbox 类所必须的)仅在 PHP 5.1 中,或在加过特别补丁的 PHP 5.0 中可用,并需要启用线程安全。请阅读 runkit 包中的 README 文件以了解更多信息。

In order for any of the Runkit_Sandbox_Parent features to function. Support must be enabled on a per-sandbox basis by enabling the parent_access flag from the parent's context.

Example#1 Working with variables in a sandbox

<?php
$sandbox 
= new Runkit_Sandbox();
$sandbox['parent_access'] = true;
?>

Accessing the Parent's Variables

Just as with sandbox variable access, a sandbox parent's variables may be read from and written to as properties of the Runkit_Sandbox_Parent class. Read access to parental variables may be enabled with the parent_read setting (in addition to the base parent_access setting). Write access, in turn, is enabled through the parent_write setting.

Unlike sandbox child variable access, the variable scope is not limited to globals only. By setting the parent_scope setting to an appropriate integer value, other scopes in the active call stack may be inspected instead. A value of 0 (Default) will direct variable access at the global scope. 1 will point variable access at whatever variable scope was active at the time the current block of sandbox code was executed. Higher values progress back through the functions that called the functions that led to the sandbox executing code that tried to access its own parent's variables.

Example#2 Accessing parental variables

<?php
$php 
= new Runkit_Sandbox();
$php['parent_access'] = true;
$php['parent_read'] = true;

$test "Global";

$php->eval('$PARENT = new Runkit_Sandbox_Parent;');

$php['parent_scope'] = 0;
one();

$php['parent_scope'] = 1;
one();

$php['parent_scope'] = 2;
one();

$php['parent_scope'] = 3;
one();

$php['parent_scope'] = 4;
one();

$php['parent_scope'] = 5;
one();

function 
one() {
    
$test "one()";
    
two();
}

function 
two() {
    
$test "two()";
    
three();
}

function 
three() {
    
$test "three()";
    
$GLOBALS['php']->eval('var_dump($PARENT->test);');
}
?>

上例将输出:

string(6) "Global"
string(7) "three()"
string(5) "two()"
string(5) "one()"
string(6) "Global"
string(6) "Global"

Calling the Parent's Functions

Just as with sandbox access, a sandbox may access its parents functions providing that the proper settings have been enabled. Enabling parent_call will allow the sandbox to call all functions available to the parent scope. Language constructs are each controlled by their own setting: print() and echo() are enabled with parent_echo. die() and exit() are enabled with parent_die. eval() is enabled with parent_eval while include(), include_once(), require(), and require_once() are enabled through parent_include.


runkit
PHP Manual