将当前使用常量的php数组索引转换为使用单引号字符串的数组索引的方法（例如通过bash脚本）？

发布于 2024-10-31 21:36:14 字数 411 浏览 5 评论 0原文

我有一大堆 php 脚本，其中有很多常量用来代替正确的单引号数组字符串。

例如：（

$row_rsCatalogsItems[Name]

坏）

而不是

$row_rsCatalogsItems['Name']

（好）

我将如何创建一个可以在脚本上运行的脚本（bash、php，无论什么是最有用的），以将它们转换为更明智的方法？

理想情况下，它不仅匹配 [something]，还匹配 $variable_name[someIndex]。

我实际上想知道考虑到可能会搞砸字符串或html的内部，它是否可行......（也许如果我只使用单引号，那并不重要，因为它们无论如何都会被插值......）

原文

I have a huge pile of php scripts with lots of constants being used in place of proper single-quoted array strings.

For example:

$row_rsCatalogsItems[Name]

(bad)

instead of

$row_rsCatalogsItems['Name']

(good)

How would I create a script (bash, php, whatever is most usable) that I can run on scripts to convert them to the more sensible method?

Ideally it wouldn't just match the [something], but also the $variable_name[someIndex].

I'm actually wondering whether it's even viable considering the potential to screw up the interiors of strings or html... (maybe if I just use single quotes, it won't matter because they're interpolated anyway...)

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

蓝戈者 2024-11-07 21:36:15

这听起来像是 Tokenizer 的工作！

您可以使用从 PHP 源文件中获取所有已解析的令牌token_get_all。然后，您可以浏览结果数组，一次评估每个令牌。令牌名称以数字形式返回，您可以使用 查找token_name。

PHP 交互式提示符下的一个小演示：

php > $str = '<?php echo $face[fire]; echo $face[\'fire\']; ?>';
php > $t = token_get_all($str);
php > foreach($t as $i => $j) { if(is_array($j)) $t[$i][0] = token_name($j[0]); }

这是不同代码块中的输出，因为它有点高，并且在滚动浏览源字符串时可以很好地引用源字符串。

php > print_r($t);
Array
(
    [0] => Array
        (
            [0] => T_OPEN_TAG
            [1] => <?php
            [2] => 1
        )

    [1] => Array
        (
            [0] => T_ECHO
            [1] => echo
            [2] => 1
        )

    [2] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [3] => Array
        (
            [0] => T_VARIABLE
            [1] => $face
            [2] => 1
        )

    [4] => [
    [5] => Array
        (
            [0] => T_STRING
            [1] => fire
            [2] => 1
        )

    [6] => ]
    [7] => ;
    [8] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [9] => Array
        (
            [0] => T_ECHO
            [1] => echo
            [2] => 1
        )

    [10] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [11] => Array
        (
            [0] => T_VARIABLE
            [1] => $face
            [2] => 1
        )

    [12] => [
    [13] => Array
        (
            [0] => T_CONSTANT_ENCAPSED_STRING
            [1] => 'fire'
            [2] => 1
        )

    [14] => ]
    [15] => ;
    [16] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [17] => Array
        (
            [0] => T_CLOSE_TAG
            [1] => ?>
            [2] => 1
        )

)

正如您所看到的，我们的邪恶数组索引是一个T_VARIABLE，后跟一个开括号，然后是一个T_STRING，未引用。单引号索引以 T_CONSTANT_ENCAPSED_STRING、引号等形式出现。

有了这些知识，您就可以浏览标记列表并实际重写源代码以消除所有未加引号的数组索引 - 其中大多数应该非常明显。当您写回文件时，只需在字符串周围添加单引号即可。

请记住，您不希望引用任何数字索引，因为这肯定会产生不良的副作用。

另请记住，表达式在索引内是合法的：

$pathological[ some_function('Oh gods', 'why me!?') . '4500' ] = 'Teh bad.';

使用自动化工具处理这些表达式会花费微小、稍微困难的时间。我的意思是，尝试处理它们可能会让你勃然大怒。我建议现在只尝试解决常量/字符串问题。如果操作正确，您应该能够将通知倒计时减少到更易于管理的水平。

（另请注意，Tokenizer 将卷曲字符串语法作为实际标记进行处理，T_CURLY_OPEN——这应该使那些讨厌的内联数组索引更容易处理。这里再次列出了所有令牌，以防万一您错过了。）

This sounds like a job for the Tokenizer!

You can fetch all of the parsed tokens from a PHP source file using token_get_all. You can then go through the resulting array, evaluating each token one at a time. The token name comes back as a number you can look up using token_name.

A small demo at the PHP interactive prompt:

php > $str = '<?php echo $face[fire]; echo $face[\'fire\']; ?>';
php > $t = token_get_all($str);
php > foreach($t as $i => $j) { if(is_array($j)) $t[$i][0] = token_name($j[0]); }

And here's the output in a different code block, as it's a bit tall and it'll be good to reference the source string while scrolling through it.

php > print_r($t);
Array
(
    [0] => Array
        (
            [0] => T_OPEN_TAG
            [1] => <?php
            [2] => 1
        )

    [1] => Array
        (
            [0] => T_ECHO
            [1] => echo
            [2] => 1
        )

    [2] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [3] => Array
        (
            [0] => T_VARIABLE
            [1] => $face
            [2] => 1
        )

    [4] => [
    [5] => Array
        (
            [0] => T_STRING
            [1] => fire
            [2] => 1
        )

    [6] => ]
    [7] => ;
    [8] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [9] => Array
        (
            [0] => T_ECHO
            [1] => echo
            [2] => 1
        )

    [10] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [11] => Array
        (
            [0] => T_VARIABLE
            [1] => $face
            [2] => 1
        )

    [12] => [
    [13] => Array
        (
            [0] => T_CONSTANT_ENCAPSED_STRING
            [1] => 'fire'
            [2] => 1
        )

    [14] => ]
    [15] => ;
    [16] => Array
        (
            [0] => T_WHITESPACE
            [1] =>
            [2] => 1
        )

    [17] => Array
        (
            [0] => T_CLOSE_TAG
            [1] => ?>
            [2] => 1
        )

)

As you can see, our evil array indexes are a T_VARIABLE followed by an open bracket, then a T_STRING that is not quoted. Single-quoted indexes come through as T_CONSTANT_ENCAPSED_STRING, quotes and all.

With this knowledge in hand, you can go through the list of tokens and actually rewrite the source to eliminate all of the unquoted array indexes -- most of them should be pretty obvious. You can simply add single quotes around the string when you write the file back out.

Just keep in mind that you'll want to not quote any numeric indexes, as that will surely have undesirable side-effects.

Also keep in mind that expressions are legal inside of indexes:

$pathological[ some_function('Oh gods', 'why me!?') . '4500' ] = 'Teh bad.';

You'll have a teeny tiny, slightly harder time dealing with these with an automated tool. By which I mean trying to handle them may cause you to fly into a murderous rage. I suggest only trying to fix the constant/string problem now. If done correctly, you should be able to get the Notice count down to a more manageable level.

(Also note that the Tokenizer deals with the curly string syntax as an actual token, T_CURLY_OPEN -- this should make those pesky inlined array indexes easier to deal with. Here's the list of all tokens once again, just in case you missed it.)

回复收藏 0 原文