Details
-
Type: Bug
-
Status: Done/Fixed
-
Priority: Trivial
-
Resolution: Fixed/Completed
-
Affects Version/s: 3.4.0
-
Fix Version/s: 4.4.0
-
Component/s: Core CiviCRM
-
Labels:None
Description
Hi,
Quite a few places in the code still use the PHP4 way of eval instead of the better/faster/more secure new $className () or call_user_func_array ()
I'm going to change a few (starting with the Invoke as discussed with lobo).
CRM/Export/BAO/Export.php: eval( '$errorFileName =' . $parserName . '::errorFileName( $type );' );
CRM/Export/BAO/Export.php: eval( '$saveFileName =' . $parserName . '::saveFileName( $type );' );
CRM/Export/BAO/Export.php: eval( '$search = new ' . $customSearchClass . '( $formValues );' );
CRM/Export/Form/Select.php: eval( '$this->_exportMode = self::' . strtoupper( $componentName[1] ) . '_EXPORT;');
CRM/Export/Form/Select.php: eval('CRM_' . $componentName[1] . '_Form_Task::preProcessCommon( $this, true );');
CRM/Export/Form/Select.php: eval( '$componentTasks = CRM_'. $componentName[1] .'_Task::tasks();' );
CRM/Dedupe/Merger.php: eval( "$path::$fName( $mainId, null, $otherId );");
CRM/Mailing/Form/Component.php: eval( $this->_BAOName . '::retrieve( $params, $defaults );' );
CRM/Import/ImportJob.php: eval( "\$this->_$param = \$value;");
CRM/Import/Form/DataSource.php: eval( "{$this->_dataSource}::buildQuickForm( \$this );" );
CRM/Import/Form/DataSource.php: eval("\$info = $dataSourceClass::getInfo();");
CRM/Import/Form/DataSource.php: eval( "$this->_dataSource::postProcess( \$this->_params, \$db );" );
CRM/Import/Form/Preview.php: eval( '$mapperRelatedContactType[$key] = $relationType->contact_type_'.$second.';');
CRM/Pledge/Form/Pledge.php: eval( 'CRM_Contribute_Form_AdditionalInfo::build' . $type . '( $this );' );
CRM/Report/Form.php: eval( "\$expFields = {$table['bao']}::exportableFields( );");
CRM/Report/Form.php: eval( "\$expFields = {$table['dao']}::export( );");
CRM/Report/Form.php: eval("\$clause = \"{$field['clause']}\";");
CRM/Upgrade/Page/Upgrade.php: eval("\$this->{$phpFunctionName}('$rev');");
CRM/Upgrade/Page/Upgrade.php: eval( "\$form = new $formName( );" );
CRM/Upgrade/Page/Upgrade.php: eval( "\$form = new $formName( '$rev' );" );
CRM/Upgrade/TwoOne/Page/Upgrade.php: eval( "\$form = new $formName( );" );
CRM/Upgrade/TwoOne/Page/Upgrade.php: eval( "\$form = new $formName( '2.1.4' );" );
CRM/Upgrade/Form.php: eval( "\$incrementalPhpObject['$versionName'] = new CRM_Upgrade_Incremental_php_{$versionName};" );
CRM/Contribute/BAO/ContributionType.php: eval('$bao = new CRM_' . $name[0] . 'BAO' . $name[1] . '();');
CRM/Contribute/Form.php: eval( $this->_BAOName . '::retrieve( $params, $defaults );' );
CRM/Contribute/Form/ContributionCharts.php: eval( "\$values['object'] = CRM_Utils_OpenFlashChart::" . $funName .'( $values );' );
CRM/Contribute/Form/Contribution.php: eval( 'CRM_Contribute_Form_AdditionalInfo::build' . $type . '( $this );' );
CRM/Utils/System/Soap.php: eval('$url = ' . self::$ufClass . '::url($path, $query, $absolute, $fragment);');
CRM/Utils/System/Soap.php: eval('$result =& ' . self::$ufClass . '::authenticate($name, $pass);');
CRM/Utils/Pager.php: * use a POST to jump to a specific page). At some point we should evaluate if we want
CRM/Utils/SoapServer.php: eval ('$result =& ' . $this->ufClass . '::authenticate($name, $pass);');
CRM/Utils/Token.php: * @param boolean $returnBlankToken return unevaluated token if value is null
CRM/Utils/VersionCheck.php: eval("\$dao = new $daoName;");
CRM/Utils/System.php: return eval( 'return ' .
CRM/Utils/System.php: return eval( "return {$config->userFrameworkClass}::permissionDenied( );" );
CRM/Utils/System.php: return eval( "return {$config->userFrameworkClass}::logout( );" );
CRM/Utils/System.php: return eval( $config->userFrameworkClass . '::setTitle( $title, $pageTitle );' );
CRM/Utils/System.php: return eval( 'return ' . $config->userFrameworkClass . '::appendBreadCrumb( $breadCrumbs );' );
CRM/Utils/System.php: return eval( 'return ' . $config->userFrameworkClass . '::resetBreadCrumb( );' );
CRM/Utils/System.php: return eval( 'return ' . $config->userFrameworkClass . '::addHTMLHead( $bc );' );
CRM/Utils/System.php: return eval( 'return ' . $config->userFrameworkClass . '::postURL( $action ); ' );
CRM/Utils/System.php: return eval( 'return ' . $config->userFrameworkClass . '::mapConfigToSSL( ); ' );
CRM/Utils/System.php: eval( 'return ' . $config->userFrameworkClass . '::authenticate($name, $password);' );
CRM/Utils/System.php: eval( 'return ' . $config->userFrameworkClass . '::setMessage( $message );' );
CRM/Utils/System.php: header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
CRM/Utils/System.php: return eval("return {$config->userFrameworkClass}::getUFLocale();");
CRM/Utils/System.php: return eval('return '. $config->userFrameworkClass . '::isUserLoggedIn( );');
CRM/Utils/System.php: return eval('return '. $config->userFrameworkClass . '::getLoggedInUfID( );');
CRM/Utils/Weight.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Utils/Weight.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Utils/OpenFlashChart.php: eval( "\$chartObj = CRM_Utils_OpenFlashChart::" . $chart .'( $params );' );
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: return eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Utils/Hook.php: eval( 'return ' .
CRM/Event/BAO/Participant.php: * @param string $eventLevel event_leval string from db
CRM/Event/BAO/Event.php: eval('$dao = new ' . $daoName . '( );');
CRM/Event/Page/ParticipantListing.php: eval( "\$participantListingClass = new $className( );" );
CRM/Event/Form/Participant.php: foreach ( $roleids as $rolekey => $rolevalue ) {
CRM/Event/Form/Participant.php: $roleTypes[] = HTML_QuickForm::createElement( 'checkbox', $rolekey, null, $rolevalue,
CRM/Event/Form/ManageEvent/Location.php: return eval( 'CRM_Contact_Form_Edit_' . $this->_addBlockName . '::buildQuickForm( $this );' );
CRM/Event/Form/Task/Badge.php: eval( "\$eventBadgeClass = new $className( );" );
CRM/Case/Form/Case.php: eval("CRM_Case_Form_Activity_{$this->_activityTypeFile}::preProcess( \$this );");
CRM/Case/Form/Case.php: eval('$defaults = CRM_Case_Form_Activity_'. $this->_activityTypeFile. '::setDefaultValues($this);');
CRM/Case/Form/Case.php: eval("CRM_Case_Form_Activity_{$this->_activityTypeFile}::buildQuickForm( \$this );");
CRM/Case/Form/Case.php: eval('$this->addFormRule' . "(array('CRM_Case_Form_Activity_{$this->_activityTypeFile}', 'formrule'), \$this);");
CRM/Case/Form/Case.php: eval("CRM_Case_Form_Activity_{$this->_activityTypeFile}" . "::beginPostProcess( \$this, \$params );");
CRM/Case/Form/Case.php: eval("CRM_Case_Form_Activity_{$this->_activityTypeFile}" . "::endPostProcess( \$this, \$params );");
CRM/Logging/Differ.php: eval("\$dao = new $daos[$table];");
CRM/Logging/Reverter.php: eval("\$dao = new {$daos[$table]};");
CRM/Member/BAO/MembershipStatus.php: eval('$dao = new CRM_Member_BAO_' . $name. '();');
CRM/Member/BAO/MembershipType.php: eval('$dao = new CRM_Member_DAO_' . $name . '();');
CRM/Member/Form.php: eval( $this->_BAOName . '::retrieve( $params, $defaults );' );
CRM/UF/Form/Group.php: eval( 'CRM_UF_Form_AdvanceSetting::' . $type . '( $this );' );
CRM/Contact/BAO/SearchCustom.php: eval( '$customClass = new ' . $customSearchClass . '( $formValues );' );
CRM/Contact/BAO/ProximityQuery.php: eval( $config->geocodeMethod . '::format( $proximityAddress );' );
CRM/Contact/BAO/Relationship.php: * helper function to form the sql for relationship retrieval
CRM/Contact/BAO/Contact.php: eval("\$blockDAO = new CRM_Core_DAO_$block();");
CRM/Contact/BAO/Contact.php: eval( '$fields =& CRM_Core_DAO_' . $block . '::fields( );' );
CRM/Contact/Page/View/Summary.php: eval( '$pseudoConst = CRM_Core_PseudoConstant::'.$value['type'].'( );' );
CRM/Contact/StateMachine/Search.php: return eval( "return {$modeValue['taskClassName']}::getTask( $value );" );
CRM/Contact/Selector/Custom.php: eval( '$this->_search = new ' . $customSearchClass . '( $formValues );' );
CRM/Contact/Selector/Custom.php: eval( '$this->_search = new ' . $ext->keyToClass( $customSearchClass, 'search' ) . '( $formValues );' );
CRM/Contact/DAO/Factory.php: $newObj = eval( sprintf( "return %s %s%s();",
CRM/Contact/Form/Merge.php: eval("\$updateDAO = new CRM_Core_DAO_$daoName();");
CRM/Contact/Form/Merge.php: eval("\$deleteDAO = new CRM_Core_DAO_$daoName();");
CRM/Contact/Form/Edit/Address.php: // Below eval() fixes this issue.
CRM/Contact/Form/Edit/Address.php: eval("\${$key} = " . (!is_array($val) ? "'{$val}'" : var_export($val, true)) . ";");
CRM/Contact/Form/Search/Custom.php: eval( '$this->_customClass = new ' . $this->_customSearchClass . '( $this->_formValues );' );
CRM/Contact/Form/Search/Advanced.php: eval( 'CRM_Contact_Form_Search_Criteria::' . $type . '( $this );' );
CRM/Contact/Form/Search.php: eval( '$tasks += ' . $this->_modeValue['taskClassName'] . '::permissionedTaskTitles( $permission );' );
CRM/Contact/Form/Search.php: eval( '$selector = new ' . $this->_selectorName .
CRM/Contact/Form/Search.php: eval( '$selector = new ' . $this->_selectorName .
CRM/Contact/Form/Search.php: eval( '$selector = new ' . $this->_selectorName .
CRM/Contact/Form/Search.php: eval( '$selector = new ' . $this->_selectorName .
CRM/Contact/Form/Task/Print.php: eval( '$selector = new ' .
CRM/Contact/Form/Task/EmailCommon.php: // during token evaluation etc.
CRM/Contact/Form/Task.php: eval( '$selector = new ' .
CRM/Contact/Form/Contact.php: eval( 'CRM_Contact_Form_Edit_' . $name . '::setDefaultValues( $this, $defaults );' );
CRM/Contact/Form/Contact.php: return eval( 'CRM_Contact_Form_Edit_' . $this->_addBlockName . '::buildQuickForm( $this );' );
CRM/Contact/Form/Contact.php: eval( 'CRM_Contact_Form_Edit_' . $this->_contactType . '::buildQuickForm( $this, $this->_action );' );
CRM/Contact/Form/Contact.php: eval( 'CRM_Contact_Form_Edit_' . $name . '::buildQuickForm( $this );' );
CRM/Contact/Form/Location.php: eval( 'CRM_Contact_Form_Edit_' . $blockName . '::buildQuickForm( $form );' );
CRM/Activity/BAO/Activity.php: // check if there are any unevaluated tokens
CRM/Activity/BAO/Activity.php: // $greetingTokens not empty, means there are few tokens which are not evaluated, like custom data etc
CRM/Activity/Import/Parser/Activity.php: eval( '$valid = CRM_Utils_Rule::' . $ruleName . '( $dateVal );' );
CRM/Activity/Form/Activity.php: eval("CRM_{$this->crmDir}_Form_Activity{$this->_activityTypeFile}::preProcess( \$this );");
CRM/Activity/Form/Activity.php: eval('$defaults += CRM_'.$this->crmDir.'_Form_Activity'.
CRM/Activity/Form/Activity.php: eval("CRM_{$this->crmDir}_Form_Activity{$this->_activityTypeFile}::buildQuickForm( \$this );");
CRM/Activity/Form/Activity.php: eval('$this->addFormRule' .
CRM/Activity/Form/Activity.php: eval("CRM_{$this->crmDir}_Form_Activity{$this->_activityTypeFile}" .
CRM/Activity/Form/Activity.php: eval("CRM_{$this->crmDir}_Form_Activity{$this->_activityTypeFile}" .
CRM/Admin/Form.php: eval( $this->_BAOName . '::retrieve( $params, $this->_values );' );
CRM/Admin/Form.php: eval( $this->_BAOName . '::retrieve( $params, $this->_values );' );
CRM/Admin/Form/RelationshipType.php: eval( $this->_BAOName . '::retrieve( $params, $defaults );' );
CRM/SMS/Protocol.php: self::$_singleton = eval( 'return ' . $config->smsClass . '::singleton( $mode );' );
CRM/Core/PseudoConstant.php: eval( '$object = new ' . $name . '( );' );
CRM/Core/BAO/LocationType.php: eval( '$object = new CRM_Core_DAO_' . $name . '( );' );
CRM/Core/BAO/Block.php: eval ('$block = new CRM_Core_BAO_' . $blockName .'( );');
CRM/Core/BAO/Block.php: eval ('$block = new CRM_Core_BAO_' . $blockName .'( );');
CRM/Core/BAO/Block.php: eval ( '$allBlocks = CRM_Core_BAO_' . $name . '::all' . $name . 's( $contactId, $updateBlankLocInfo );');
CRM/Core/BAO/Block.php: eval ( '$allBlocks = CRM_Core_BAO_' . $name . '::allEntity' . $name . 's( $entityElements );');
CRM/Core/BAO/Block.php: eval('$block = new CRM_Core_BAO_' . $blockName .'( );');
CRM/Core/BAO/Block.php: eval( '$blocks[] = CRM_Core_BAO_' . $name . '::add( $blockFields );' );
CRM/Core/BAO/Block.php: eval ( '$block = new CRM_Core_DAO_' . $blockName . '( );' );
CRM/Core/BAO/CustomGroup.php: eval('$args = ' . $args . ';');
CRM/Core/BAO/Address.php: eval( $config->geocodeMethod . '::format( $params );' );
CRM/Core/BAO/Mapping.php: foreach ( $rel as $phonekey => $phonevalue ) {
CRM/Core/BAO/Location.php: eval( '$location[$block] = CRM_Core_BAO_Block::create( $block, $params, $entity );');
CRM/Core/BAO/Location.php: eval( '$dao = new CRM_Core_DAO_' . $daoName . '( );' );
CRM/Core/BAO/Location.php: eval( '$blocks[$block] = CRM_Core_BAO_' . $name . '::getValues( $entityBlock, $microformat );');
CRM/Core/OptionValue.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/Block.php: eval( '$obj->creatNewShortcut( $shortCuts );');
CRM/Core/I18n/Schema.php: eval("\$columns =& $class::columns();");
CRM/Core/I18n/Schema.php: eval("\$indices =& $class::indices();");
CRM/Core/I18n/Schema.php: eval("\$indices =& $class::indices();");
CRM/Core/I18n/Schema.php: eval("\$tables =& $class::tables();");
CRM/Core/I18n/Schema.php: eval("\$indices =& $class::indices();");
CRM/Core/I18n/Schema.php: eval("\$columns =& $class::columns();");
CRM/Core/I18n/Schema.php: eval("\$columns =& $class::columns();");
CRM/Core/I18n/Schema.php: eval("\$columns =& $class::columns();");
CRM/Core/Payment.php: self::$_singleton[$cacheKey] = eval( 'return ' . $paymentClass . '::singleton( $mode, $paymentProcessor );' );
CRM/Core/DAO.php: eval('$fields =& ' . $class . '::fields( );');
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$dao = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$newObject = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/DAO.php: eval( '$object = new ' . $daoName . '( );' );
CRM/Core/Page/Basic.php: eval( '$object = new ' . $this->getBAOName( ) . '( );' );
CRM/Core/Payment/PayflowPro.php: $headers[] = "Content-Type: text/namevalue";
CRM/Core/Extensions.php: * extension retrieval order here, array indices will be used as
CRM/Core/Permission.php: return eval( 'return ' . $config->userPermissionClass . '::getPermission( );' );
CRM/Core/Permission.php: return eval( 'return ' . $config->userPermissionClass . '::check( $str ); ' );
CRM/Core/Permission.php: return eval( 'return ' . $config->userPermissionClass . '::whereClause( $type, $tables, $whereTables );' );
CRM/Core/Permission.php: return eval( 'return ' . $config->userPermissionClass . '::group( $groupType, $excludeHidden );' );
CRM/Core/Invoke.php: eval ( '$object = ' .
CRM/Core/Invoke.php: eval ( '$object = ' .
CRM/Core/DAO/Factory.php: $newObj = eval( sprintf( "return %s %s%s();",
Attachments
Issue Links
- is supplemented by
-
CRM-12743 Eliminate use of eval in core code
- Done/Fixed