php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-10-29 17:48:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request from GHSA-cjcc-p67m-7qxm

Browse Source 
* Fix: Unsafe Reflection in base Component class

* Fix style for consistency

* add changelog entry

* Fix wrong logic

* Fix exception message

* Update framework/CHANGELOG.md

---------

Co-authored-by: Stefano Mtangoo <stefano@hosannahighertech.co.tz>
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
This commit is contained in:
Stefano D. Mtangoo
2024-05-30 19:15:58 +03:00
committed by GitHub
parent 42e6524413
commit 628d406bfa
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
framework/base/Component.php
View File

@ -189,7 +189,15 @@ class Component extends BaseObject
} elseif (strncmp($name, 'as ', 3) === 0) {
// as behavior: attach behavior
$name = trim(substr($name, 3));
$this->attachBehavior($name, $value instanceof Behavior ? $value : Yii::createObject($value));
if ($value instanceof Behavior) {
$this->attachBehavior($name, $value);
} elseif (isset($value['class']) && is_subclass_of($value['class'], Behavior::class, true)) {
$this->attachBehavior($name, Yii::createObject($value));
} elseif (is_string($value) && is_subclass_of($value, Behavior::class, true)) {
$this->attachBehavior($name, Yii::createObject($value));
} else {
throw new InvalidConfigException('Class is not of type ' . Behavior::class . ' or its subclasses');
}
return;
}