Display MoreThis extension for WoltLab Suite 5.2+ extends the same with an implementation of the shunting-yard algorithm, which can be used to perform mathematical operations (e.g. from an option) without using potentially dangerous PHP functions.
Usage examples:
PHP
CodePlease login to see this link.require_once(WCF_DIR . 'lib/system/api/php-shunting-yard/autoload.php');@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$equation = '3 + 4 * 2 / ( 1 - 5 ) ^ 2 ^ 3';@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$result = \RR\Shunt\Parser::parse($equation);@@@WCF_PRE_LINEBREAK@@@Please login to see this link.echo $result; // 3.0001220703125
PHP
Display MoreCodePlease login to see this link.require_once(WCF_DIR . 'lib/system/api/php-shunting-yard/autoload.php');@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$string = 'max(%x * 0.1 + 0.35, 2000)';@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$string = str_replace('%x', 3434.133, $string);@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$ctx = new \RR\Shunt\Context();@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$allowedFunctions = ['ceil', 'exp', 'floor', 'fmod', 'max', 'min', 'pow']; // allowed PHP functions@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.foreach ($allowedFunctions as $fn) {@@@WCF_PRE_LINEBREAK@@@Please login to see this link. if (str_contains($string, $fn . '(')) {@@@WCF_PRE_LINEBREAK@@@Please login to see this link. $ctx->def($fn);@@@WCF_PRE_LINEBREAK@@@Please login to see this link. }@@@WCF_PRE_LINEBREAK@@@Please login to see this link.}@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.$result = \RR\Shunt\Parser::parse($string, $ctx);@@@WCF_PRE_LINEBREAK@@@Please login to see this link.@@@WCF_PRE_LINEBREAK@@@Please login to see this link.echo $result; // 2000
Source: Please login to see this link.
