Yii Framework Forum: Some Patch For Eval In Ccomponent.php - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Some Patch For Eval In Ccomponent.php Apply patch for CComponent.php , avoid eval function Rate Topic: -----

#1 User is offline   Imam Ferianto 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 31-March 12

Posted 06 March 2013 - 12:05 PM

Hello all,
Sorry for my bad english. I have some modified File in framework/base/CComponent.php
to run Yii on restricted eval environtment (something like php_suhosin ).
Hopelly this can help someone has similar problem with me.
before patch I cannot use:

 'value'=>'$data->frx0->columnx' 


with this patch calling eval variable will worked on restricted eval environtment


You can replace function evaluateExpression with this patch:

	public function evaluateExpression($_expression_,$_data_=array())
	{
		if(is_string($_expression_))
		{
			$key=str_replace("\$data->","",$_expression_);
			if(preg_match("/-\>/",$key)){
			  $data=$_data_['data'];
			  $var=explode("->",$key);
			  foreach($var as $key){
				if(isset($data->$key)) $data=$data->$key;
			  }
			  return $data;
			}elseif(!empty($key)) return   $_data_['data']->$key;
			else return null;
		}
		else
		{
			$_data_[]=$this;
			return call_user_func_array($_expression_, $_data_);
		}
	}


0

#2 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 3,648
  • Joined: 17-January 09
  • Location:Russia

Posted 06 March 2013 - 12:37 PM

If you're on PHP 5.3+ you can use:

'value'=> function($data) {
  return $data->frx0->columnx;
}

Yii 1.1 Application Development Cookbook

Enjoying Yii? Star us at github: 1.1 and 2.0.
0

#3 User is offline   Imam Ferianto 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 31-March 12

Posted 06 March 2013 - 09:29 PM

View Postsamdark, on 06 March 2013 - 12:37 PM, said:

If you're on PHP 5.3+ you can use:

'value'=> function($data) {
  return $data->frx0->columnx;
}



Hi sam thanks, I see that is short solution.
I wonder if Yii can run on restricted eval (suhosin) without some modification.
In my side
 $this->widget('zii.widgets.grid.CGridView' 

the button update,view,delete is not working, because its call some eval() or evaluateExpression()
function I believe, how to solve this?
0

#4 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 3,648
  • Joined: 17-January 09
  • Location:Russia

Posted 07 March 2013 - 05:15 AM

Change all evals to anonymous functions?
Yii 1.1 Application Development Cookbook

Enjoying Yii? Star us at github: 1.1 and 2.0.
0

#5 User is offline   Imam Ferianto 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 31-March 12

Posted 07 March 2013 - 11:17 PM

View Postsamdark, on 07 March 2013 - 05:15 AM, said:

Change all evals to anonymous functions?


yes it does posible, thanks for the tips. i changed to this:

$this->widget('zii.widgets.grid.CGridView', array(
    'id'=>'customer-grid',
    'dataProvider'=>$model->search(),
    'filter'=>$model,
    'columns'=>array(
        'customer_name',
        array(
            'class'=>'CButtonColumn',
            'template'=>'{view}',
            'buttons'=>array
            (
                'view' => array
                (
                    'label'=>'Update',
                    'url'=>function($data){ return Yii::app()->createUrl("cust/edit", array("id"=>$data->custid));},
                    'imageUrl'=>Yii::app()->request->baseUrl.'/images/icon_select.gif',
                    'options'=>array('style'=>'width:10px; border:none'),
                    'click'=>'function(event) { 
                        $.ajax({
                            url:$(this).attr("href"),
                            dataType: \'json\',
                            success: function(data){
                                $("#customerlist").dialog("open");
                                $("#Job_name").val(data.newjobno); 
                                $("#customerlist").dialog("close");
                            }
                        });                     
                        event.preventDefault();
                    }',
                ),      
            ),
        ),
       ),
));

0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users