1.2.999. Property Export¶
With a reference, it is possible to export a property and modify it from the outside. This requires the handling of the reference with a method and a variable.
The result is a suprising modification of the original object, even if its visibility is private.
<?php
class x {
private $p = [];
function &foo() {
return $this->p;
}
function print() {
print_r($this->p);
}
}
$x = new x();
$export = &$x->foo();
$export[] = 2;
$x->print();
// property $p has been modified in $x
// $x->p === [2];
?>
1.2.999.1. Suggestions¶
Avoid modifying an object without its knowledge
1.2.999.2. Specs¶
Short name |
Classes/ExportProperty |
Rulesets |
|
Exakat since |
2.6.4 |
PHP Version |
All |
Severity |
Minor |
Time To Fix |
Quick (30 mins) |
Precision |
High |
Available in |