meebio / php-eval-console
Standalone php eval console. In-browser, standalone console that executes your PHP code and returns the produced output.
Installs: 15 368
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Language:JavaScript
Requires
- php: >=5.3.0
Requires (Dev)
- fieryprophet/php-sandbox: 1.3.*
Suggests
- fieryprophet/php-sandbox: Required for PhpSandboxEvaluator to work.
README
In-browser, standalone console that executes your PHP code and returns the produced output. This package is based on package darsain/laravel-console.
Table of contents
Installation
Get package through composer:
composer require meebio/php-eval-console
Copy vendor/meebio/php-eval-console/assets
to assets
in project root directory.
Create index.php
in project root directory with following content:
<?php require_once __DIR__ . '/vendor/autoload.php'; use Meebio\PhpEvalConsole\Console; $console = new Console(); $console->boot();
Open index.php page in browser.
Configuration
Evaluators
EvalEvaluator
Basic evaluator that uses eval
command. This is entirely not secure.
PhpSandboxEvaluator
More advanced php evaluator that make use of fieryprophet/php-sandbox
package. This sandbox class utilizes PHP-Parser to prevent sandboxed code from
running unsafe code. If configured properly this evaluator could probably allow application to be exposed to public
users. To use this evaluator require fieryprophet/php-sandbox
package in composer.
Authorizers
IpAuthorizer
This authorizer ensures that only access from provided ips is possible. Authorizer constructor takes to arguments first is array of allowed ips (null if this check should be disabled) and second is array of disallowed ips (null if this check should be disabled).
Queries callback
Closure that will provide array of queries after code evaluation. Returned data should be in following format:
array( array( 'query' => 'SELECT * FROM `users`;', 'time' => 0.113, ), array( 'query' => 'SELECT * FROM `posts` JOIN `category` ON `post`.`category_id` = `category`.`id`;', 'time' => 0.231, ), );
Laravel support
You should install the package through Composer:
composer require meebio/php-eval-console
You must add service provider to app config:
'providers' => [ ... Meebio\PhpEvalConsole\Providers\PhpEvalConsoleLaravelServiceProvider::class, ... ];
You can publish package assets through artisan command:
php artisan vendor:publish --provider="Meebio\PhpEvalConsole\Providers\PhpEvalConsoleLaravelServiceProvider"
or just copy directory vendor/meebio/php-eval-console/assets
to public/vendor/php-eval-console
.
Last thing that should be done is to make sure CSRF Protection is not blocking console post requests. To do that in Laravel 5.1 you should add console URI to be excluded in VerifyCsrfToken class. So it looks something like this:
<?php namespace App\Http\Middleware; use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier; class VerifyCsrfToken extends BaseVerifier { /** * The URIs that should be excluded from CSRF verification. * * @var array */ protected $except = [ 'console', ]; }
For lower versions of Laravel, that can be done as well, but some manual method overriding is needed.
When everything is done you should see Console at /console
uri.
TODO
- Improve errors handling.