Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:35181
Return-Path: <rewbs.soal@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 10353 invoked by uid 1010); 5 Feb 2008 11:43:24 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 10338 invoked from network); 5 Feb 2008 11:43:24 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 5 Feb 2008 11:43:24 -0000
Authentication-Results: pb1.pair.com header.from=rewbs.soal@gmail.com; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com smtp.mail=rewbs.soal@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.134.185 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: rewbs.soal@gmail.com
X-Host-Fingerprint: 209.85.134.185 mu-out-0910.google.com  
Received: from [209.85.134.185] ([209.85.134.185:6945] helo=mu-out-0910.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 1F/B9-14268-BDB48A74 for <internals@lists.php.net>; Tue, 05 Feb 2008 06:43:23 -0500
Received: by mu-out-0910.google.com with SMTP id i2so1885654mue.2
        for <internals@lists.php.net>; Tue, 05 Feb 2008 03:43:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth;
        bh=p/2NxMboJbHgUNKQLayQNFxDED+sOtzz+LrBdxQM/Qo=;
        b=lw4rdaKawF7iu/aLxzluwI4IKd6B+hoPs4r/kVQdpu9IHYJDXOR8jf4uIILxL51+fdn3nQ7uFjDfL76tXavMAjSIPVzPWIOtXsSwwMGcvz1wsgo8QQU//7wBenjiph/6W+T4nY26BCUjKUJ1cjhVQUYlH7Ri7CUKTabvGhhJmks=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth;
        b=CLh2KcnfhgYfYEPPDrRbdg7vNAv0+dFVjGiGxmK5PtJrHseZMrY98qBU71CYwJz0AgOeLldZIT1B2gtnu95sC01aBl1mJDphmEmxk8LaJG1nvZg/3m+vxDM+2x74e1QYc0dgAp1jzZ6LXq9XDv7XKXBrhOAuubFT8KVX6r5bXlM=
Received: by 10.65.225.7 with SMTP id c7mr941309qbr.1.1202211799103;
        Tue, 05 Feb 2008 03:43:19 -0800 (PST)
Received: by 10.64.195.12 with HTTP; Tue, 5 Feb 2008 03:43:19 -0800 (PST)
Message-ID: <5a8807d10802050343r43742844we89366ec47b57f4b@mail.gmail.com>
Date: Tue, 5 Feb 2008 11:43:19 +0000
Sender: rewbs.soal@gmail.com
To: internals@lists.php.net
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Google-Sender-Auth: 716133dee64b9208
Subject: [PHP-DEV] Inconsistencies when accessing protected members
From: robinf@php.net ("Robin Fernandes")

Hi all,

The fix to bug 37212 (http://bugs.php.net/bug.php?id=37632) introduced
an unusual method accessibility rule. A class can access a protected
method declared outside of its own direct class hierarchy if that
method has a prototype in a common superclass.

<?php
class A {
	static protected function f() {return 'A::f()';}
}
class B1 extends A {
	static protected function f() {return 'B1::f()';}
}
class B2 extends A {
	static public function test() {echo B1::f();}
}
B2::test(); // prints B1::f()
?>

This is achieved using by zend_get_function_root_class() when invoking
zend_check_protected(), e.g.:
   zend_check_protected(zend_get_function_root_class(fbc), EG(scope))

Looking at other uses of zend_check_protected() reveals at least 5
cases where this rule is not enforced. They are illustrated below. So
is the rule itself incorrect? or should the inconsistent cases be
fixed?


The examples below were tested on 5.2.5 and the latest 5.3 and 6.0 snaps.

1. The visibility rule does not apply to properties (static or not):
<?php
class A {
	protected $p = 'A::$p';
	static protected $sp = 'A::$sp';
}
class B1 extends A {
	protected $p = 'B1::$p';
	static protected $sp = 'B1::$sp';
}
class B2 extends A {
	static public function test() {
		$b1 = new B1;
		echo $b1->p;  //Fatal error: Cannot access protected property B1::$p
		echo B1::$sp; //Fatal error: Cannot access protected property B1::$sp
	}
}
B2::test();
?>


2. It doesn't apply to callbacks either:
<?php
class A {
	static protected function f() {return 'A::f()';}
}
class B1 extends A {
	static protected function f() {return 'B1::f()';}
}
class B2 extends A {
	static public function test() {
		echo call_user_func('B1::f');
	}
}
B2::test(); // Warning: call_user_func() expects parameter 1 to be a
valid callback, cannot access protected method B1::f()
?>


3. is_callable() doesn't know about this visibility rule:
<?php
class A {
	static protected function f() {return 'A::f()';}
}
class B1 extends A {
	static protected function f() {return 'B1::f()';}
}
class B2 extends A {
	static public function test() {
		var_dump(is_callable('B1::f')); // returns false
		B1::f(); // works
	}
}
B2::test();
?>


4. The rule does not apply to the clone magic method:
<?php
class A {
	protected function f() {return 'A::f()';}
	protected function __clone() {}
}
class B1 extends A {
	protected function f() {return 'B1::f()';}
	protected function __clone() {}
}
class B2 extends A {
	static public function test($obj) {
		echo $obj->f(); 	// works
		clone $obj; // Fatal error: Call to protected B1::__clone() from context 'B2'
	}
}
B2::test(new B1);
?>


5. The rule does not apply to destructors:
<?php
class A {
	protected function __destruct() {}
}
class B1 extends A {
	protected function __destruct() {}
}
class B2 extends A {
	static public function test() {
		$obj = new B1;
	}  // Fatal error: Call to protected B1::__destruct() from context 'B2'
}
B2::test();
?>

Many thanks,
Robin