[Esapi-php] emulating Method Overriding in PHP
Martin Reiche
dev.bberry at googlemail.com
Mon Dec 7 05:10:17 EST 2009
Hi folks,
okay, we then need a naming convention. Linden proposed a "_"
followed by the names of the parameters. That could be really cruel
if you have many parameters and permutations of the parameters in
your function.
As I am facing the same problem today in the Base64 codec
implementation, I will think about some convention criteria.
Nevertheless, if you have any idea, please post to the list.
Best,
Martin
Am 04.12.2009 um 21:34 schrieb Boberski, Michael [USA]:
> After looking at this further...
>
> Let's go with option #2, there's no need to over-complicate things.
>
> Best,
>
> Mike B.
>
>
> From: esapi-php-bounces at lists.owasp.org [mailto:esapi-php-
> bounces at lists.owasp.org] On Behalf Of Mike Boberski
> Sent: Thursday, December 03, 2009 7:45 PM
> To: ESAPI for PHP development list
> Subject: Re: [Esapi-php] emulating Method Overriding in PHP
>
> I'd like Andrew to weigh in on this, although I know his time is
> really at a premium at the moment. I personally need to give it
> more thought, otherwise.
>
> What approach would you recommend, using HTTPUtilities as an example?
>
> Mike
>
>
> On Thu, Dec 3, 2009 at 5:56 PM, Linden Darling
> <Linden.Darling at jds.net.au> wrote:
> Hi team,
>
>
> Just looking through HTTPUtilities, I notice a few cases of JAVA
> Method Overriding…E.g.:
>
>
> class javaExample
>
> {
>
> void methodExample()
>
> {
>
> //do something with
> no args passed
>
> }
>
>
> void methodExample(string someString)
>
> {
>
> //do something with
> a single string arg passed
>
> }
>
>
> void methodExample(integer someInt,
> string someString)
>
> {
>
> //do something with
> a single integer and single string passed
>
> }
>
> }
>
>
> Am wondering if we’ve “gone with” any tricks to emulate Method
> Overriding in PHP? If not, how are we currently dealing with cases
> of overridden methods?
>
>
> (I may have already done this myself, if so I forget and it’s
> better we all agree to stick to some common way of dealing with
> this anyways…)
>
>
> Some ideas I’ve got (stolen from people that thought of them well
> before me, I must admit J):
>
>
> 1) Squeeze all the JAVA Overridden Methods into a single PHP
> method that can accept all permutations of arguments and has logic
> to handle each permutation. E.g.:
>
>
> function methodExample($arg1=null, $arg2=null, $arg3=null)
>
> {
>
> if($arg1===null)
>
> {
>
> //do something with no args passed
>
> return;
>
> }
>
> elseif($arg2===null)
>
> {
>
> //do something with single string arg passed
>
> return;
>
> }
>
> else
>
> {
>
> //do something with a single integer and a single string passed
>
> return;
>
> }
>
> }
>
>
> 2) Rename any extra instances of a method using some form of
> naming convention which can be documented and provide an easily
> understood trace back to the JAVA implementation. Just need to
> ensure we call the appropriate method where the arguments differ in
> the JAVA code.
>
>
> function methodExample()
>
> {
>
> //do something with no args passed
>
> }
>
>
> function methodExample_string($someString)
>
> {
>
> //do something with a single string passed
>
> }
>
>
> function methodExample_integerString($someInt, $someString)
>
> {
>
> //do something with a single integer and a single string passed
>
> }
>
>
> 3) Use the __call() magic method. Prepend some ESAPI4PHP token
> and append an argument-specific version token to emulated
> Overridden Methods (so effectively the original JAVA method doesn’t
> exist), use the __call() method to handle calls to the
> unimplemented ESAPI4JAVA method names where the logic analyses the
> passed arguments and calls the appropriate emulated Overridden
> Method. E.g.:
>
>
> function __call($name, $arguments)
>
> {
>
> switch($name)
>
> {
>
> case ‘methodExample’:
>
> switch(count($arguments))
>
> {
>
> case 0:
>
> $this->
> esapi4phpOverriddenMethod_methodExample_version01();
>
> break;
>
> case 1:
>
> $this-
> >esapi4phpOverriddenMethod_methodExample_version02($arguments[0]);
>
> break;
>
> case 2:
>
> $this-
> >esapi4phpOverriddenMethod_methodExample_version02($arguments[0],
> $arguments[1]);
>
> break;
>
> }
>
> break;
>
> case ‘someOtherMethodExample’:
>
> //similar to above
>
> break;
>
> default:
>
> throw new Exception(“Method not supported!”);
>
> }
>
> }
>
>
> function esapi4phpOverriddenMethod_methodExample_version01()
>
> {
>
> //do something with no args passed
>
> }
>
>
> function esapi4phpOverriddenMethod_methodExample_version02
> ($someString)
>
> {
>
> //do something with a single string arg passed
>
> }
>
>
> function esapi4phpOverriddenMethod_methodExample_version02
> ($someInt, $someString)
>
> {
>
> //do something with a single integer and single string passed
>
> }
>
>
> /** would be wise (and totally necessary in some
> cases) to check (and switch on) the types of each argument that is
> passed to __call() too, rather than just the number of arguments **/
>
>
>
> I’m thinking that the __call() trick is the neatest way to handle
> this, but it means that any Overridden Methods from ESAPI4JAVA
> won’t be “physically” implemented in ESAPI4PHP.
>
>
> Your thoughts??
>
>
> - Linden
>
>
>
> _______________________________________________
> Esapi-php mailing list
> Esapi-php at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-php
>
>
> _______________________________________________
> Esapi-php mailing list
> Esapi-php at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-php/attachments/20091207/910594d7/attachment-0001.html
More information about the Esapi-php
mailing list