-
-
Notifications
You must be signed in to change notification settings - Fork 188
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Private variable access on a AccessInterceptorValueHolderFactory proxy class throws an error #68
Comments
@leedavis81 ProxyManager doesn't allow you to break OOP rules like that. It is expected to fail in case you access a private or protected property from the wrong scope ;) |
Protected property access works fine. But then I guess it would as the Proxy is an extension of the Foo class. I guess the question is should it? $foo->protectedProperty = 'Bar'; is being executed outside of the object scope, and works. |
@leedavis81 that shouldn't be possible/allowed. What's the snippet to access protected vars? |
It's at the last line of what's pasted above. Just remove the private property test to get to it
|
@leedavis81 good to know, I'll work on a fix, since this should not be possible |
Looks like the code generation for the various getters/setters was too simplistic here, and introduced a potential exploit (not a security issue fortunately). I'm working on it |
Provided a fix in #69 - will need to refactor some part of the library before merging, though, since complexity is adding up very fast because of these edge cases |
Closing, since #69 deals with this one |
Whenever attempting to read / write to a private variable execution stops and an error is thrown.
Not entirely sure if you'd want to keep this behaviour, or possibly throw an exception?
Execution stops when attempting to set $foo->privateProperty = 'Baz';
The text was updated successfully, but these errors were encountered: