Statement on glibc/iconv Vulnerability

    A classe ReflectionProperty

    (PHP 5, PHP 7, PHP 8)

    Introdução

    A classe ReflectionProperty relata informações sobre as propriedades de uma classe.

    Resumo da classe

    class ReflectionProperty implements Reflector {
    /* Constantes */
    public const int IS_STATIC;
    public const int IS_READONLY;
    public const int IS_PUBLIC;
    public const int IS_PROTECTED;
    public const int IS_PRIVATE;
    /* Propriedades */
    public string $name;
    public string $class;
    /* Métodos */
    public __construct(object|string $class, string $property)
    private __clone(): void
    public static export(mixed $class, string $name, bool $return = ?): string
    public getAttributes(?string $name = null, int $flags = 0): array
    public getDeclaringClass(): ReflectionClass
    public getDefaultValue(): mixed
    public getDocComment(): string|false
    public getModifiers(): int
    public getName(): string
    public getType(): ?ReflectionType
    public getValue(?object $object = null): mixed
    public hasDefaultValue(): bool
    public hasType(): bool
    public isDefault(): bool
    public isInitialized(?object $object = null): bool
    public isPrivate(): bool
    public isPromoted(): bool
    public isProtected(): bool
    public isPublic(): bool
    public isReadOnly(): bool
    public isStatic(): bool
    public setAccessible(bool $accessible): void
    public setValue(object $object, mixed $value): void
    public __toString(): string
    }

    Propriedades

    name

    Nome da propriedade. Somente leitura, lança ReflectionException ao tentar escrever.

    class

    Nome da classe onde a propriedade está definida. Somente leitura, lança ReflectionException ao tentar escrever.

    Constantes pré-definidas

    Modificadores de ReflectionProperty

    ReflectionProperty::IS_STATIC

    Indica propriedades estáticas. Antes do PHP 7.4.0, o valor era 1.

    ReflectionProperty::IS_READONLY

    Indica propriedades somente leitura. Disponível a partir do PHP 8.1.0.

    ReflectionProperty::IS_PUBLIC

    Indica propriedades públicas. Antes do PHP 7.4.0, o valor era 256.

    ReflectionProperty::IS_PROTECTED

    Indica propriedades protegidas. Antes do PHP 7.4.0, o valor era 512.

    ReflectionProperty::IS_PRIVATE

    Indica propriedades privadas. Antes do PHP 7.4.0, o valor era 1024.

    Nota:

    Os valores dessas constantes podem mudar entre as versões do PHP. É recomendável sempre usar as constantes e não depender dos valores diretamente.

    Registro de Alterações

    Versão Descrição
    8.0.0 ReflectionProperty::export() foi removido.

    Índice

    Improve This Page

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes 2 notes

    up
    8
    rasmus at mindplay dot dk
    13 years ago
    I think a more accurate explanation is this:

    The Reflection classes are designed to reflect upon the source code of an application, not on any runtime information.

    I think you misunderstand the ReflectionProperty constructor in your example above. The fact that it accepts an object as argument is just a convenience feature - you are actually inspecting the class of that object, not the object itself, so it's basically equivalent to:

    <?php

    // works fine
    $Reflection = new ReflectionProperty(get_class($a), 'a');

    // throws exception
    $Reflection = new ReflectionProperty(get_class($a), 'foo');

    ?>

    Getting the class of the object you're passing in is implied, since inspecting a defined property is the purpose of this class.

    In your example, $a->foo is a dynamic member - it is not defined as a member of class, so there is no defining class reference, line number, default value, etc. - which means, there is nothing to reflect upon.

    Clearly this very useful library could use some real documentation...
    up
    -12
    Nanhe Kumar
    10 years ago
    <?php
    //serialize static properties (class variable)

    class Student {

    private     $members = array();
    protected     $name;
    public static     $noOfStudent;

    public function     __construct($name = 'Nanhe Kumar') {
    $this->name = $name;
    Student::$noOfStudent++;
    }

    public function     __sleep() {
    $vars = get_class_vars(get_class($this));
    foreach (    $vars as $key => $val) {
    if (!empty(    $val))
    $this->members[$key] = $val;
    }
    return     array_keys(get_object_vars($this));
    }

    public function     __wakeup() {
    foreach (    $this->members as $key => $val) {
    $prop = new ReflectionProperty(get_class($this), $key);
    $prop->setValue(get_class($this), $val);
    }
    $this->members = array();
    }

    public function     getTotalStudent() {
    return     self::$noOfStudent;
    }

    }

    $so1 = new Student();
    $so2 = new Student();
    $serialized = serialize($so1);
    print_r($serialized); //O:7:"Student":2:{s:16:"Studentmembers";a:1:{s:11:"noOfStudent";i:2;}s:7:"*name";s:11:"Nanhe Kumar";}
    $unserialized = unserialize($serialized);
    print_r($unserialized); //Student Object ( [members:Student:private] => Array ( ) [name:protected] => Nanhe Kumar )
    echo Student::$noOfStudent; //2
    ?>
    add a note
    To Top