PHP :: Bug #24852 :: protected and private properties' contents can be seen from the outside

Bug #24852

protected and private properties' contents can be seen from the outside

Submitted:

2003-07-29 07:13 UTC

Modified:

2003-08-10 07:34 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

hecsoxpij at freemail dot hu

Assigned:

Status:

Not a bug

Package:

Scripting Engine problem

PHP Version:

5CVS-2003-07-29 (dev)

OS:

Windows 2000 SP2

Private report:

CVE-ID:

None

View Developer Edit

[2003-07-29 07:13 UTC] hecsoxpij at freemail dot hu

Description:
------------
If I create a class with private or protected properties in it the contents of those can be seen from the outside via the functions var_dump and print_r. This may lead to some security vulnerabilities with future applications.

This may not be actually a bug, but it seems rather illogical to be able to access the values with this method while others fail.

Reproduce code:
---------------
class Test
{
   private $foo;

   function __construct ()
   {
      $this->foo = 'xy';
   }
}

$test = new Test;

print_r($test);

Expected result:
----------------
test Object
(
)

Actual result:
--------------
test Object
(
   [foo:private] => xy
)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-08-10 07:34 UTC] zeev@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Expected behavior

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Fri Feb 20 21:00:01 2026 UTC