PHP Manual
后退		前进

Runkit_Sandbox

(no version information, might be only in CVS)

Runkit_Sandbox -- Runkit Sandbox Class -- PHP Virtual Machine

说明

Instantiating the Runkit_Sandbox class creates a new thread with its own scope and program stack. Using a set of options passed to the constructor, this environment may be restricted to a subset of what the primary interpreter can do and provide a safer environment for executing user supplied code.

注: 对沙盒的支持（是函数 runkit_lint()、runkit_lint_file() 和 Runkit_Sandbox 类所必须的）仅在 PHP 5.1 中，或在加过特别补丁的 PHP 5.0 中，并需要启用线程安全。请阅读 runkit 包中的 README 文件，以了解更多信息。

Constructor

void Runkit_Sandbox::__construct ( [array options] )

options is an associative array containing any combination of the special ini options listed below.

safe_mode: If the outer script which is instantiating the Runkit_Sandbox class is configured with safe_mode = off, then safe_mode may be turned on for the sandbox environment. This setting can not be used to disable safe_mode when it's already enabled in the outer script.
open_basedir: open_basedir may be set to any path below the current setting of open_basedir. If open_basedir is not set within the global scope, then it is assumed to be the root directory and may be set to any location.
allow_url_fopen: Like safe_mode, this setting can only be made more restrictive, in this case by setting it to FALSE when it is previously set to TRUE
disable_functions: Comma separated list of functions to disable within the sandbox sub-interpreter. This list need not contain the names of the currently disabled functions, they will remain disabled whether listed here or not.
disable_classes: Comma separated list of classes to disable within the sandbox sub-interpreter. This list need not contain the names of the currently disabled classes, they will remain disabled whether listed here or not.
runkit.superglobal: Comma separated list of variables to be treated as superglobals within the sandbox sub-interpreter. These variables will be used in addition to any variables defined internally or through the global runkit.superglobal setting.

例子 1. Instantiating a restricted sandbox


<?php
$options = array(
  'safe_mode'=>true,
  'open_basedir'=>'/var/www/users/jdoe/',
  'allow_url_fopen'=>'false',
  'disable_functions'=>'exec,shell_exec,passthru,system',
  'disable_classes'=>'myAppClass');
$sandbox = new Runkit_Sandbox($options);
/* Non-protected ini settings may set normally */
$sandbox->ini_set('html_errors',true);
?>

Accessing Variables

All variables in the global scope of the sandbox environment are accessible as properties of the sandbox object. The first thing to note is that because of the way memory between these two threads is managed, object and resource variables can not currently be exchanged between interpreters. Additionally, all arrays are deep copied and any references will be lost. This also means that references between interpreters are not possible.

例子 2. Working with variables in a sandbox


<?php
$sandbox = new Runkit_Sandbox();

$sandbox->foo = 'bar';
$sandbox->eval('echo "$foo\n"; $bar = $foo . "baz";');
echo "{$sandbox->bar}\n";
if (isset($sandbox->foo)) unset($sandbox->foo);
$sandbox->eval('var_dump(isset($foo));');
?>

上例将输出：

bar
barbaz
bool(false)

Calling PHP Functions

Any function defined within the sandbox may be called as a method on the sandbox object. This also includes a few psuedo-function language constructs: eval(), include(), include_once(), require(), and require_once(). Most notably abset are the language constructs: echo(), print(), die(), and exit(). These functions are excluded out of simplicity and to avoid confusion as they would mostly likely be used incorrectly.

例子 3. Calling sandbox functions


<?php
$sandbox = new Runkit_Sandbox();

echo $sandbox->str_replace('a','f','abc');
?>

上例将输出：

fbc

When passing arguments to a sandbox function, the arguments are taken from the outer instance of PHP. If you wish to pass arguments from the sandbox's scope, be sure to access them as properties of the sandbox object as illustrated above.

例子 4. Passing arguments to sandbox functions


<?php
$sandbox = new Runkit_Sandbox();

$foo = 'bar';
$sandbox->foo = 'baz';
echo $sandbox->str_replace('a',$foo,'a');
echo $sandbox->str_replace('a',$sandbox->foo,'a');
?>

上例将输出：

bar
baz

后退	起点	前进
runkit Functions	上一级	runkit_class_adopt