search

Corveda / PHPSandbox

A PHP-based sandboxing library with a full suite of configuration and validation options.
https://phpsandbox.org
Other
220 stars 45 forks source link

Configuring PHPSandbox to Allow Specific Methods While Restricting Direct Function Calls #41

Open titonova opened 1 month ago

titonova commented 1 month ago

Hello,

I am using PHPSandbox and have a specific requirement regarding function and method calls within the sandbox. Specifically, I would like to allow certain methods of a class to execute, even if they internally use functions that I want to restrict from being called directly by the user.

For example, I want to permit the method Biz::find() to be called, which internally uses various mysqli_* functions. However, I do not want to allow any direct calls to mysqli_* functions within the sandbox. Essentially, Biz::find() should be allowed, but any direct invocation of mysqli_connect(), mysqli_query(), etc., should be disallowed.

Here are some micro code examples to illustrate the requirement:

Desired Behavior:

class Biz {
    public static function find() {
        // Internally uses mysqli_* functions
        $mysqli = mysqli_connect("localhost", "user", "password", "database");
        // Other mysqli_* operations...
    }
}

// Allowed
Biz::find();

Undesired Behavior:

// Disallowed
$mysqli = mysqli_connect("localhost", "user", "password", "database");

PHPSandbox Configuration:

How can I configure PHPSandbox to allow Biz::find() but disallow direct calls to mysqli_* functions? I am looking for a way to specify this within the sandbox environment.

Thank you for your help.

titonova commented 1 month ago

@fieryprophet