自定义解析函数PHP [英] Custom parsing function PHP
问题描述
我正在尝试从以下功能中删除评估。我尝试了 sprintf 和 $ {} ,但是仍然找不到解决方案。
I'm trying to remove eval from the following function. I tried with sprintf and ${} , but still cannot find a solution.
这里的功能:
function parseDbString(string $value = 'Looking for a good {{ $pippo }}'){
$pippo='Pizza';
return preg_replace_callback('/{{(.*?)}}/', function($res) use ($pippo) {
// $val=${trim($res[1])}; Returns "Undefined variable: $pippo"
$val=@eval("return ".trim($res[1]).";"); // Returns "Looking for a good Pizza"
return isset($val) ? $val : $res[0];
},$value);
}
推荐答案
所以,是的, eval()
通常被视为php中最高级别的邪恶之一。在大多数情况下,当任务适合通过 eval()
或变量变量(基本上是包装不良的数组)来解决时,这是存储/存储不当的症状声明的数据,通常最好的做法是彻底重新考虑。
So, yes, eval()
is often detested as one of the highest order "evils" in php. In most cases, when a task lends itself to be solved by eval()
or variable-variables (which are basically poorly packaged arrays), this is a symptom of inappropriately stored/declared data and often the best course of action is a complete rethink.
要解决您孤立的问题而不从根本上重写自定义函数,我将提供一个邪恶的例子(但我认为它仍然是邪恶的,因为其使用存在风险)- GLOBALS
& 全局
...
To solve your isolated question without fundamentally rewriting the custom function, I'll offer a lesser "evil" (but still an "evil" in my opinion because there are risks in its usage) -- GLOBALS
& global
...
代码:(演示)
function parseDbString(string $value = 'Looking for a good {{ $pippo }}'){
global $pippo; // declare $pippo as a global variable
$pippo = 'Pizza';
return preg_replace_callback('/{{ \$(.*?) }}/', function($m) use ($pippo) {
echo "Global: " , $GLOBALS['pippo'];
echo "\n{$m[1]}\n";
return $GLOBALS[$m[1]] ?? $m[0]; // null coalescing operator provides fallback
},$value);
}
echo parseDbString();
输出:
Global: Pizza # <-- for demonstraton purposes
pippo # <-- for demonstraton purposes
Looking for a good Pizza # <-- desired output
...所以为什么这种解决方法是一个坏主意,所以,假设您有一个包含<$ c的字符串$ c> {{$ db}} -这样的公共变量名称很可能存在于全局变量列表中。因此,如果字符串中的 {{变量}}
与全局范围内的任何变量匹配,都会导致错误的结果。
...so why is this workaround a "bad idea", well, imagine you have a string that contains {{ $db }}
-- such a common variable name is likely to exists in your list of global variables. So if the {{ variable }}
in your string matches ANY of the variables in the global scope, you're going to get faulty outcomes.
现在,您应该做什么 ?只需在数组中声明您的 $ pippo
数据,即可使用关联关系。 (演示)
Now, what should you do? Just declare your $pippo
data in an array so that you have an associative relationship to leverage. (Demo)
function parseDbString(string $value = 'Looking for a good {{ $pippo }}'){
$lookup = ['pippo' => 'Pizza'];
return preg_replace_callback('/{{ \$(.*?) }}/', function($m) use ($lookup) {
return $lookup[$m[1]] ?? $m[0]; // null coalescing operator provides fallback
}, $value);
}
echo parseDbString();
根据对输入数据的控制量,现在可以删除 $
在输入字符串中的 pippo
之前-这样就消除了一些不必要的字符。
Depending upon the amount of control you have over your input data, you can now afford to remove the $
before pippo
in your input string -- which eliminates a few unnecessary characters here and there.
如果您仍在阅读,可以使用 strtr()
或 str_replace()清理整个内容
。 (演示)
And if you are still reading, you can clean this whole thing up with strtr()
or str_replace()
. (Demo)
function parseDbString(string $value = 'Looking for a good {{ $pippo }}'){
$lookup = ['{{ $pippo }}' => 'Pizza']; // this can be extended all you like!
return strtr($value, $lookup);
}
echo parseDbString();
这篇关于自定义解析函数PHP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!