PHP OOP - 可以从外部类访问var_dump的私有变量?
I have a class User with a variable: private $uPass;
I just noticed that when creating an instance of User and I run a var_dump on that instance that it just lists all the private variables? Is there any way to turn this off?
class User
{
private $uId;
private $uName;
private $uPass;
private $uPowers;
$teamMembers[$count] = new User();
foreach ($teamMembers as $teamMember)
{
var_dump($teamMember);
}
And then the output just shows everything, including the passwords ... Ofcourse they're encrypted, but still don't want them to be accessible like this!?
What's the correct way to solve this?
我有一个带有变量的用户类:private $ uPass; p>
我刚刚注意到在创建User实例时,我在该实例上运行了一个var_dump,它只列出了所有私有变量? 有什么方法可以关闭它吗? p>
class User
{
private $ uId;
private $ uName;
private $ uPass;
private $ uPowers;
$ teamMembers [$ count] = new User();
foreachach ($ teamMembers as $ teamMember)
{
var_dump($ teamMember);
}
code> pre>
然后输出只显示所有内容,包括密码。 ..
Ofcourse它们是加密的,但仍然不希望它们像这样被访问!? p>
解决这个问题的正确方法是什么? p>
DIV>
It's doing exactly what it says it does:
All public, private and protected properties of objects will be returned in the output unless the object implements a __debugInfo() method (implemented in PHP 5.6.0).
So you can implement a custom __debugInfo method, or alternatively, just stop worrying about it. This is only a security risk if someone has access to your source code, or a serialized copy of the object, both of which are probably signs of a much wider security issue.