¤ì¤Ö¤í¤°

¢£ ¥Õ¥¡¥¤¥ë¤ò include ¤¹¤ëºÝ¤Ë¥Õ¥£¥ë¥¿¤ò¤«¤±¤ëÊýË¡

¥¹¥È¥ê¡¼¥à¥é¥Ã¥Ñ¤ò»È¤Ã¤Æ´Ê°×¥Æ¥ó¥×¥ì¡¼¥È¥¨¥ó¥¸¥ó¤òºî¤ëÊýË¡¤¬¾Ò²ð¤µ¤ì¤Æ¤¤¤Þ¤·¤¿¡£

• Mike Naberezny - Symfony Templates and Ruby’s ERb
• Akra’s DevNotes » Blog Archive » A View Stream with Zend_View

ÊýË¡¤È¤·¤Æ¤Ï¶½Ì£¿¼¤¤¤Î¤Ç¤¹¤¬¡¢¤Á¤ç¤Ã¤ÈÂ礲¤µ¤Ê´¶¤¸¤¬¤¹¤ë¤Î¤Ç¡¢ ƱÍͤΤ³¤È¤ò¤â¤Ã¤È´Êñ¤ÊÊýË¡¤Ç¤ä¤Ã¤Æ¤ß¤Þ¤·¤¿¡£ ÀèÆü¤Î¥Æ¥ó¥×¥ì¡¼¥È¥¨¥ó¥¸¥ó ¤ÈƱ¤¸¤è¤¦¤Ë¡¢

<?=...?>  ¢ª  <?php echo htmlspecialchars(..., ENT_QUOTES) ?>

¤È¤¤¤¦ÊÑ´¹¤ò¤µ¤»¤ë¤³¤È¤Ë¤·¤Þ¤¹¡£

include ¤ÎÂå¤ï¤ê¤Ë eval ¤ò»È¤¦

¾¤ÎÊýË¡¤ÈÈæ¤Ù¤Æ´Êñ¤Ç¹â®¤Ç¤¹¡£ ¤³¤ó¤Ê¥³¡¼¥É¤Ë¤Ê¤ê¤Þ¤¹¡£

<?php

class MyView
{
    public function render($filename)
    {
        $buffer = file_get_contents($filename);
        $buffer = $this->_prefilter($buffer);
        extract(get_object_vars($this));
        eval('?>' . $buffer);
    }

    protected function _prefilter($buffer)
    {
        $pattern     = '/<\?=\s*(.*?)[;\s]*\?>/';
        $replacement = '<?php echo htmlspecialchars($1, ENT_QUOTES) ?>';
        return preg_replace($pattern, $replacement, $buffer);
    }
}

¥´¥Á¥ã¥´¥Á¥ã½ñ¤­¤Þ¤·¤¿¤¬¡¢Í×¤Ï include ¤ÎÂå¤ï¤ê¤Ë¡¢

eval('?>' . filter(file_get_contents($filename)));

¤Î¤è¤¦¤Ë½ñ¤±¤ÐÎɤ¤¤Ç¤¹¡£

¥¹¥È¥ê¡¼¥à¥Õ¥£¥ë¥¿¤ò»È¤¦

¥¹¥È¥ê¡¼¥à¥é¥Ã¥Ñ¤ò»È¤¦ÊýË¡¤Ë»÷¤Æ¤¤¤Þ¤¹¤¬¡¢ php://filter ¤È¤¤¤¦ PHP Æþ½ÐÎÏ¥¹¥È¥ê¡¼¥à¤ò»È¤¦¤È¡¢ ¥Õ¥¡¥¤¥ë¤òÆþ½ÐÎϤ¹¤ëºÝ¤Ë¥Õ¥£¥ë¥¿¤ò»Ü¤¹¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ç¤¹¡£

• PHP: PHP Æþ½ÐÎÏ¥¹¥È¥ê¡¼¥à - Manual
• PHP: stream_filter_register - Manual

¶ñÂÎŪ¤Ë¤Ï¡¢¤³¤ó¤Ê¥³¡¼¥É¤Ë¤Ê¤ê¤Þ¤¹¡£

<?php

class short_tag_filter extends php_user_filter
{
    public function filter($in, $out, &$consumed, $closing)
    {
        while ($bucket = stream_bucket_make_writeable($in)) {
            $pattern      = '/<\?=\s*(.*?)[;\s]*\?>/';
            $replacement  = '<?php echo htmlspecialchars($1, ENT_QUOTES) ?>';
            $bucket->data = preg_replace($pattern, $replacement, $bucket->data);
            $consumed += $bucket->datalen;
            stream_bucket_append($out, $bucket);
        }
        return PSFS_PASS_ON;
    }
}

class MyView
{
    public function __construct()
    {
        stream_filter_register('convert.short_tag', 'short_tag_filter');
    }

    public function render($filename)
    {
        extract(get_object_vars($this));
        include 'php://filter/read=convert.short_tag/resource=' . $filename;
    }
}

¤³¤Á¤é¤ÎÊýË¡¤Ï¡¢include °Ê³°¤Î¥Õ¥¡¥¤¥ëÆþ½ÐÎÏ´Ø¿ô¤È¤âÁȤ߹ç¤ï¤»¤é¤ì¤ë¤Ï¤º¤Ç¤¹¡£ »²¹Í¤Î¤¿¤á¤Ë¡¢¥Æ¥¹¥È¤Ë»È¤Ã¤¿¥³¡¼¥É¤òÃÖ¤¤¤Æ¤ª¤­¤Þ¤¹¡£

• filtered_include.zip

Tags: PHP | | | | Permalink