As a PHP developer, you might recall using create_function to generate anonymous functions in your projects. However, the release of PHP 7.2 marked the beginning of the end for this function, as it was deemed deprecated. With PHP 8, using create_function is strongly advised against due to the potential security vulnerabilities it presents.
To help you navigate this change, we’ve compiled a list of alternative methods for creating anonymous functions that are secure, efficient, and in line with the latest PHP standards. Let’s dive into these powerful techniques that will elevate your PHP development experience and ensure your code is up-to-date.
Anonymous Functions (Closures)
With the introduction of PHP 5.3, anonymous functions, also known as closures, became a preferred alternative to create_function. These functions do not require a name and can be stored in a variable or passed as an argument to other functions. They also provide improved readability and maintainability compared to their predecessor. Here’s an example of how to create an anonymous function:
$square = function ($number) {
return $number * $number;
};
echo $square(4); // Output: 16
Arrow Functions
PHP 7.4 introduced arrow functions, a more concise way to create anonymous functions for simple, single-expression use cases. Arrow functions automatically capture variables from the surrounding scope and have a shorter syntax, making them more readable. Here’s an example of how to use an arrow function:
$square = fn($number) => $number * $number; echo $square(4); // Output: 16
Callable Type Hints
Another powerful feature available in modern PHP versions is the ability to use callable type hints. This approach enables you to specify that a function or method should accept a callable as an argument, which can then be executed within the function. Here’s an example:
function execute(callable $function, $number) {
return $function($number);
}
$square = function ($number) {
return $number * $number;
};
echo execute($square, 4); // Output: 16
Array Callbacks
In some cases, you might want to use an existing function or method as a callback. This can be done by specifying the function or method as an array, with the first element being the class or object, and the second element being the method name. Here’s an example:
class Calculator {
public function square($number) {
return $number * $number;
}
}
$calculator = new Calculator();
echo execute([$calculator, 'square'], 4); // Output: 16
In addition to the mentioned alternatives, we can provide a PHP 8 compatible workaround for the deprecated create_function that enables developers to generate anonymous functions at runtime using a string of PHP code as input. However, please be cautious while using this solution, as it relies on the eval() function, which can introduce security vulnerabilities if not used carefully.
Here’s the code sample for the replacement function:
/**
* This is a PHP 8 replacement function for the deprecated create_function function that allows developers to create anonymous functions at runtime using a string of PHP code as input.
*
* @param string $arg The argument list for the anonymous function.
* @param string $body The body of the anonymous function.
* @return callable Returns a new anonymous function.
*/
if ( ! function_exists( "create_function" ) ) {
function create_function( $arg, $body ) {
static $cache = []; // A static array used to store previously created functions.
static $max_cache_size = 64; // The maximum size of the cache.
static $sorter; // A callback function used to sort the cache by hit count.
if ( $sorter === null ) {
// Define the sorter callback function.
$sorter = function ( $a, $b ) {
if ( $a->hits == $b->hits ) {
return 0;
}
return $a->hits < $b->hits ? 1 : -1;
};
}
// Generate a unique key for the current function.
$crc = crc32( $arg . "\\x00" . $body );
if ( isset( $cache[$crc] ) ) {
// If the function has already been created and cached, increment the hit count and return the cached function.
++$cache[$crc][1];
return $cache[$crc][0];
}
if ( sizeof( $cache ) >= $max_cache_size ) {
// If the cache size limit is reached, sort the cache by hit count and remove the least-used function.
uasort( $cache, $sorter );
array_pop( $cache );
}
// Create a new anonymous function using `eval` and store it in the cache along with a hit count of 0.
$cache[$crc] = [
( $cb = eval( "return function(" . $arg . "){" . $body . "};" ) ),
0,
];
return $cb;
}
}
To use this function, you can simply call it with two parameters: the argument list for the anonymous function, and the body of the anonymous function. The function will then create a new anonymous function using eval and store it in a cache for future use.
This workaround provides a familiar interface for those who were previously using create_function. However, it is crucial to emphasize the importance of using this code cautiously and responsibly due to the potential security risks associated with the eval() function. Whenever possible, it is recommended to use the modern alternatives discussed earlier in the tutorial, such as anonymous functions, arrow functions, callable type hints, and array callbacks.
Conclusion
In conclusion, the advancements in PHP have empowered developers with a myriad of secure and efficient options to replace the outdated create_function. By embracing the modern techniques of anonymous functions, arrow functions, callable type hints, and array callbacks, you’ll elevate your code quality and improve maintainability.
We’ve tried our best to explain everything thoroughly, even though there’s so much information out there. If you found our writing helpful, we’d really appreciate it if you could buy us a coffee as a token of support.
Also, if you’re interested in learning more about WordPress, Javascript, HTML, CSS, and programming in general, you can subscribe to our MailChimp for some extra insights.
Nice! It works 🙂