I am trying to create a class to clean data for a brand before adding it to my database.
As you can see I have added general filters (which can be used elsewhere). On the other hand, some fields will need a personalized cleaning. That's why I created 'function' in my array.
My code is currently functional however the create_function function is deprecated and I would like to remove it but I cannot find an alternative without using eval.
Can you help me find a solution? Thank you.
<?php
class VehMarques
{
private static $fields_allowed = [
'_id' =>
[
'instanceof' => '\MongoDB\BSON\ObjectID',
],
'name' =>
[
'function' => 'if(!isset($name) && !isset($age)){return false;}',
],
'user' =>
[
'required',
'instanceof' => '\MongoDB\BSON\ObjectID',
],
'centre' =>
[
'required',
'instanceof' => '\MongoDB\BSON\ObjectID',
],
'time' =>
[
'instanceof' => 'MongoDB\BSON\UTCDateTime',
],
];
public static function add(array $fields)
{
$fields_options=array();
foreach(self::$fields_allowed as $key => $val)
{
foreach($val as $key1 => $val1)
{
if(in_array($val1, array('required')))
{
$fields_options[$val1][$key] = null;
}
else
{
$fields_options[$key1][$key] = $val1;
}
}
}
if(!empty(self::$fields_allowed) && !empty(array_diff_key($fields, self::$fields_allowed)))
{
return false;
}
if(!empty($fields_options['function']))
{
foreach($fields_options['function'] as $func)
{
$func = preg_replace('/\$([a-zA-Z0-9]+)/', '$fields[\'$1\']', $func);
if(create_function('$fields', $func)($fields) === false)
{
return false;
}
}
}
if(!empty($fields_options['required']) && !empty(array_diff_key($fields_options['required'], $fields)))
{
return false;
}
if(!empty($fields_options['instanceof']))
{
foreach($fields_options['instanceof'] as $key => $val)
{
if(!($fields[$key] instanceof $val))
{
return false;
}
}
}
if(!isset($fields['_id']))
{
$fields['_id'] = new \MongoDB\BSON\ObjectID();
}
if(!isset($fields['time']))
{
$fields['time'] = new MongoDB\BSON\UTCDateTime();
}
return true;
}
}
$insert_marque = array(
'_id' => new \MongoDB\BSON\ObjectID(),
'name' => 'Test',
'user' => new \MongoDB\BSON\ObjectID(),
'centre' => new \MongoDB\BSON\ObjectID(),
'time' => new MongoDB\BSON\UTCDateTime()
);
var_dump(VehMarques::add($insert_marque));
?>
Never use eval of function that can create executable code from string. It is extremely bad practice.
Use callbacks instead:
class VehMarquesValidator
{
private $callbacks = [];
public function __construct()
{
$this->callbacks = [
[$this, 'validateVehMarques']
];
}
public function validate(array $fields)
{
foreach ($this->callbacks as $callback) {
if (!call_user_func($callback, $fields)) {
return false;
}
}
return true;
}
private function validateVehMarques(array $fields)
{
if(isset($fields['name'])) {
return true;
}
if(isset($fields['age'])) {
return true;
}
return false;
}
}
$validator = new VehMarquesValidator();
var_dump($validator->validate([
'name' => 'Test'
]));
var_dump($validator->validate([
'no_name' => 'Test'
]));
Try to avoid static methods. It is bad practice too.