我在PHP中编写了一个大脚本,需要保护未来用户创建的扩展程序。 我想出了一些像权限类检查扩展访问某些核心变量等的东西。
这是启动类:
class SystemStartup
{
private function startClass ( ) {
require ( dirname( __FILE__ ) . '/sys.run.php' );
//starting SystemRun with something like core security token
new SystemRun ( hash ( 'sha256' , $_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] . microtime ( TRUE ) ) );
}
function __construct ( ) {
//here i have some security stuff like checking class not already running
$this -> startClass ( );
}
function __destruct ( ) {
//wywolane na samym koncu
}
};
SystemRun类:
class SystemRun
{
private $SystemToken;
//static because i want to be callable from other classes extending SystemRun
protected static $SystemUrlControl;
private function startClass ( ) {
//before more code
//loading file with child class
require ( dirname( __FILE__ ) . '/urlcontrol.php' );
//starting it with security token
echo $this -> SystemToken; //just for check
self :: $SystemUrlControl = new SystemUrlControl ( $this -> SystemToken );
//more more more code (its main class)
}
protected function validateToken ( $SystemToken ) {
echo $this -> SystemToken; //just for check
//this should check tokens are the same
if ( $this -> SystemToken == $SystemToken ) return TRUE;
return FALSE;
}
function __construct ( $SystemToken ) {
//saving token for next classes
$this -> SystemToken = $SystemToken;
$this -> startClass ( );
}
};
现在SystemUrlControl扩展了SystemRun
class SystemUrlControl extends SystemRun
{
private $SystemToken;
//functions
//more functions
//more more more
function __construct ( $SystemToken ) {
if ( !parent :: validateToken ( $SystemToken ) ) echo 'somebody else called me!';
$this -> SystemToken = $SystemToken;
}
};
问题是从SystemUrlControl调用validateToken返回FALSE - SystemRun将其自己的SystemToken视为NULL。
输出(来自回声)是:
> 5b6a09d8f03dd7e6229a5... (valid token) (here NULL value) somebody else called me!
答案 0 :(得分:1)
在您的validateToken方法中,您有这个。
$this -> $SystemToken
应该是
$this -> SystemToken