Errors in bizRule evaluation

The CAuthManager class evals the bizRules with the following method:




public function executeBizRule($bizRule,$params,$data)

{

    return empty($bizRule) || @eval($bizRule)!=0;

}



Note the ‘@’ sign which hides any feedback from the function if something fails or has an invalid syntax.

This makes it very difficult to find why your application is failing - things just don’t work, with no messages about why or where because the feedback is hidden.

So I subclassed the auth manager like so, so I can see and test what’s going on in the bizRule.

I would rather have an error on the page, which I can fix, than my app not working for some strange reason… :)

Perhaps change the codebase so the feedback is hidden in ‘production’ mode, but not otherwise?




class AuthManager extends CDbAuthManager

{

  public function executeBizRule($bizRule,$params,$data)

  {

    if(empty($bizRule)) {

      return true;

    } else {

      $result = eval($bizRule);

      return $result != 0;

    }

  }

}