1

My application need to do some math operations on some data. Since theese operations are going to change very often, I was thinking of using an interpreted language and let the user write them.

I see that PHP has both LUA and a sort of JS parser, however the documentations is very poor.

Are there any interpreted languages that can be parsed from PHP? I only need basic if-then-else and math operators

JohnKiller
  • 2,008
  • 18
  • 28
  • You can use `eval()` to interpret php code. Keep in mind that it might be vulnerable to php injection. – ByteHamster Mar 02 '15 at 16:59
  • 2
    eval() is about the most dangerous thing you can do. If you "let the user write them"...it's not vulnerable to PHP injection, it -IS- PHP Injection. Is MathML overkill/too complicated??? – calamari Mar 02 '15 at 17:05
  • 1
    [How to make a calculator in PHP](http://stackoverflow.com/questions/12692727/how-to-make-a-calculator-in-php) – Mark Baker Mar 02 '15 at 17:18
  • No way I'm gonna use eval for absolutely untrusted user data. Also, if there is a syntax error, the whole php script stops executing. I'm asking for an interpreted language like JS or LUA wich can be run by PHP – JohnKiller Mar 02 '15 at 17:23
  • @MarkBaker thanks for the link, however I woud like a Turing-complete language since I may need loops and if-statements – JohnKiller Mar 02 '15 at 17:24
  • @calamari thanks for the MathML suggestion, however this is addressed to inexperienced users that are primarily mathematicians – JohnKiller Mar 02 '15 at 17:28
  • Take a look at [recki-ct](https://github.com/google/recki-ct) as the basis for implementing a dsl in PHP – Mark Baker Mar 02 '15 at 17:33
  • "I only need basic if-then-else". Please don't. It's the same old story: programmer X introduces some deficient language into some major application and then everybody suffers for generations. Another thing: you don't want to force your users to learn a quaint and hateful language, like a certain flavor of Lisp I won't mention ("dynamic scoping" anyone?), or like a "macro" language (TeX anyone?), so pick a well-known, conventional and established language. Lua and JS (unless it's "sort of"!) both fit the bill. I know Wikimedia eventually picked Lua and you may want to look up their reason. – Niccolo M. Mar 03 '15 at 00:22

3 Answers3

2

Even if there is no much documentation, I'll go for LUA, using the install script found here https://github.com/chtombleson/php-lua-install-script

Other languages supported are listed here http://pecl.php.net/packages.php?catpid=59&catname=Languages

JohnKiller
  • 2,008
  • 18
  • 28
1

I know it's a bit late to respond to this, but...

Dealing with customizable user logic and not finding an easy, ready-to-go solution, was the exact reason why I just went ahead and created my own scripting language, called Primi.

Written purely in PHP, sandboxed in and interpreted by PHP. Done without dependencies on some external binaries and/or libraries, or any fancy, non-standard PHP extensions.

I mean, phpv8/v8js is pretty great (and looks like they've done a lot of work in the last 2 years), but the getting-it-to-work part was pretty rough for me - at least at the time, when I was doing my research about existing scripting solutions (and with my limited knowledge of Linux stuff back then). Downloading and compiling Google's V8, configuring a compiling the extension, and then finally getting it to work - that's not even an option sometimes, if you don't have absolute control over your machine (cloud hosting and stuff).

What can Primi do?

Primi most definitely is very, very inferior to any full-pledged scripting/programming language like PHP, JS, Python, etc. - both by features and by performance (it _is_ interpreted by PHP).

Primi's aim is not to do complex stuff - to have OOP, support classes, async stuff or whatnot (at least not right now) - but rather to provide a simple way for a developer to allow his/her clients to write custom logic (calculations, conditions, loops, string manipulations, etc.) that could be safely executed inside Primi's interpreter, which itself is executed by PHP and thus confined within PHP's own VM.

And all that without making any changes to the surrounding environment (OS-wide installing binaries, compiling libraries).

Installation

Primi can be installed as a Composer package and then used instantly:

composer require smuuf/primi

And that's it for the installation process.

Usage

The interpreter can be then used like this:

$context = new \Smuuf\Primi\Context;
$interpreter = new \Smuuf\Primi\Interpreter($context);

try {

    // Let the interpreter run a source code.
    $interpreter->run('a = 1; b = a + 2; c = "some string"; d = c + " extra thing";');

    // Get defined variables from primary context and print them.
    foreach ($context->getVariables() as $name => $value) {
        printf("%s (%s) ... %s\n", $name, $value::TYPE, $value->getInternalValue());
    }

} catch (\Smuuf\Primi\ErrorException $e) {
    die($e->getMessage());
}

Running this code in PHP would result in this:

a (number) ... 1
b (number) ... 3
c (string) ... some string
d (string) ... some string extra thing

Disclaimer

I am the author of this

If you find any bugs to report, have suggestions for new features, or you just want to see how it works or want to help, you can find everything else here: https://github.com/smuuf/primi.

Smuuf
  • 6,339
  • 3
  • 23
  • 35
0

I would probably have made this a comment, but it's a bit too long and it's technically ALMOST an answer :-p

If you want the absolute simplest approach for your users...where the user enters an equation and then you are responsible to utilize the equation on subsequent pages...then you can do string parsing.

So, for instance, you would find all text-characters in a string and convert them into inputs. So, with the equation, "2x", you would create a single input: 2<input name='x' /> Then, on post, you convert 2x into:

$result = floatval(2) * floatval($_GET['x']);

Something like this is pretty safe so long as you do not trust either the equation nor the user input as PHP code...ensure the right types, etc. However, depending on your experience, parsing the string correctly and turning 2y into 2 * y, etc., is going to be your challenge, and more than I can answer given time.

the point on MathML is that if you can take the user's equation and convert it into MathML, you may be able to take advantage of other people's work for processing the equation. The point in my comment was not to make the user utilize MathML themselves...that's your job :)

calamari
  • 234
  • 1
  • 5