PHP 8.2.0 Beta 3 available for testing

Autocarga de clases

Muchos desarrolladores que escriben aplicaciones orientadas a objetos crean un fichero fuente de PHP para cada definición de clase. Una de las mayores molestias es tener que hacer una larga lista de inclusiones al comienzo de cada script (uno por cada clase).

En PHP 5 esto ya no es necesario. La función spl_autoload_register() registra cualquier número de autocargadores, posibilitando que las clases e interfaces sean cargadas automáticamente si no están definidas actualmente. Al registrar autocargadores, a PHP se le da una última oportunidad de cargar las clases o interfaces antes de que falle por un error.

Sugerencia

Aunque la función __autoload() también puede ser empleada para autocargar clases e interfaces, es preferible utilizar la función spl_autoload_register(). Esto es debido a que es una alternativa más flexible (posibilitando que se pueda especificar cualquier número de autocargadores en la aplicación, tales como los de las bibliotecas de terceros). Por esta razón, se desaconseja el uso de __autoload() y es obsoleto a partir de PHP 7.2.0.

Nota:

Antes de 5.3.0, las excepciones lanzadas en la función __autoload() no podían ser capturadas en el bloque catch, resultando en un error fatal. Desde 5.3 en adelante, esto es posible simpre que, si se lanza una excepción personalizada, esté disponible la clase de la excepción personalizada. La función __autoload() podría utilizarse recursivamente para cargar la clase de excepción personalizada.

Nota:

La autocarga no está disponible si se utiliza PHP en el modo interactivo CLI.

Nota:

Si el nombre de la clase se utiliza, por ejemplo, en call_user_func(), este puede contener algunos caracteres peligrosos tales como ../. Se recomienda no utilizar la entrada del usuario en tales funciones, o al menos verificar dicha entrada en __autoload().

Ejemplo #1 Ejemplo de autocarga

Este ejemplo intenta cargar las clases MiClase1 y MiClase2 desde los ficheros MiClase1.php y MiClase2.php, respectivamente.

<?php
spl_autoload_register
(function ($nombre_clase) {
    include 
$nombre_clase '.php';
});

$obj  = new MiClase1();
$obj2 = new MiClase2();
?>

Ejemplo #2 Otro ejemplo de autocarga

Este ejemplo intenta cargar la interfaz IPrueba.

<?php

spl_autoload_register
(function ($nombre) {
    
var_dump($nombre);
});

class 
Foo implements IPrueba {
}

/*
string(7) "IPrueba"

Fatal error: Interface 'IPrueba' not found in ...
*/
?>

Ejemplo #3 Autocarga con manejo de excepciones para 5.3.0+

Este ejemplo lanza una excepción y demuestra los bloques try/catch.

<?php
spl_autoload_register
(function ($nombre) {
    echo 
"Intentando cargar $nombre.\n";
    throw new 
Exception("Imposible cargar $nombre.");
});

try {
    
$obj = new ClaseNoCargable();
} catch (
Exception $e) {
    echo 
$e->getMessage(), "\n";
}
?>

El resultado del ejemplo sería:

Intentando cargar ClaseNoCargable.
Imposible cargar ClaseNoCargable.

Ejemplo #4 Autocarga con manejo de excepciones para 5.3.0+: Excepción personalizada ausente

Este ejemplo lanza una excepción para una excepción personalizada no cargable.

<?php
spl_autoload_register
(function ($nombre) {
    echo 
"Intentando cargar $nombre.\n";
    throw new 
ExcepciónAusente("Imposible cargar $nombre.");
});

try {
    
$obj = new ClaseNoCargable();
} catch (
Exception $e) {
    echo 
$e->getMessage(), "\n";
}
?>

El resultado del ejemplo sería:

Intentando cargar ClaseNoCargable.
Intentando cargar ExcepciónAusente.

Fatal error: Class 'ExcepciónAusente' not found in testExcepcionAusente.php on line 4

add a note

User Contributed Notes 6 notes

up
96
jarret dot minkler at gmail dot com
13 years ago
You should not have to use require_once inside the autoloader, as if the class is not found it wouldn't be trying to look for it by using the autoloader.

Just use require(), which will be better on performance as well as it does not have to check if it is unique.
up
61
str at maphpia dot com
5 years ago
This is my autoloader for my PSR-4 clases. I prefer to use composer's autoloader, but this works for legacy projects that can't use composer.

<?php
/**
* Simple autoloader, so we don't need Composer just for this.
*/
class Autoloader
{
    public static function
register()
    {
       
spl_autoload_register(function ($class) {
           
$file = str_replace('\\', DIRECTORY_SEPARATOR, $class).'.php';
            if (
file_exists($file)) {
                require
$file;
                return
true;
            }
            return
false;
        });
    }
}
Autoloader::register();
up
17
toi]n[enkayt[attaat]gmaal.com
2 years ago
Autoloading plain functions is not supported by PHP at the time of writing. There is however a simple way to trick the autoloader to do this. The only thing that is needed is that the autoloader finds the searched class (or any other autoloadable piece of code) from the files it goes through and the whole file will be included to the runtime.

Let's say you have a namespaced file for functions you wish to autoload. Simply adding a class of the same name to that file with a single constant property is enough to trigger the autoloader to seek for the file. Autoloading can then be triggered by accessing the constant property.

The constant could be replaced by any static property or method or by default constructor. However, I personally find a constant named 'load' elegant and informative. After all this is a workaround. Another thing to keep in mind is that this introduces an unnecessary class to the runtime. The benefit of this is that there is no need to manually include or require files containing functions by path which in turn makes code maintaining easier. Such behaviour makes it easier to alter the project structure since manual includes need not to be fixed. Only the autoloader needs to be able to locate the moved files which can be automated.

A code file containing functions.
/Some/Namespace/Functions.php
<?php
namespace Some\Namespace;

class
Functions { const load = 1; }

function
a () {
}

function
b () {
}
?>

Triggering autoloading of the file containing functions.
main.php
<?php
\Some\Namespace\Functions::load;

a ();
b ();
?>
up
11
Anonymous
12 years ago
It's worth to mention, if your operating system is case-sensitive you need to name your file with same case as in source code eg. MyClass.php instead of myclass.php
up
3
kalkamar at web dot de
13 years ago
Because static classes have no constructor I use this to initialize such classes.
The function init will (if available) be called when you first use the class.
The class must not be included before, otherwise the init-function wont be called as autoloading is not used.

<?php
function __autoload($class_name)
{
    require_once(
CLASSES_PATH.$class_name.'.cls.php');
    if(
method_exists($class_name,'init'))
       
call_user_func(array($class_name,'init'));
    return
true;
}
?>

I use it for example to establish the mysql-connection on demand.

It is also possilbe do add a destructor by adding this lines to the function:
<?php
if(method_exists($class_name,'destruct'))
   
register_shutdown_function(array($class_name,'destruct'));
?>
up
1
info at atomosmaestoso dot com
2 months ago
Autoloading Classes with  spl_autoload_register() or spl_autoload() is the best and most modern way to securely code for API integration.

It restricts the various attacks that can be faced by using a "polyfill" or framework that is subject to data injection. Low level attacks, polyfill and framework vulnerabilities are some exploitations limited in using the core functionalities of your host programming language.

Your loop-holes and target endpoints are vastly removed to the level of programming experience of the developer - in not exposing the threats espoused to your programming language and its security protocols.

Each event you transfer data from one program to the next reveals another threat and another attack endpoint. When you are production, it is at this point composer and other tools that gather requirements specific secure integration should limit its use, such as PCI-DSS, HIPAA, or GDPR.

The use of a framework or polyfill gives an attacker hints at what point a function will access memory to produce intended results. Visiting the late L1-Cache Terminal Fault - attacks that use machine language to access memory and read what actually is happening will have all the details of what process is taking place and when.

Not to mention, when a product is open-source, the code is editable and easily compiled. Using access to machine level integrations a simply 10 second loss of time to process could well as infer the entire application has experienced an overhaul.

To deter this, and ensure maximum security for piece of mind and money-wise. The embedded resources of a programming language should be utilized at maximal capacity to prevent an overhaul on multiple endpoints. Visiting a system in use is not deletable or easily moved, removed or altered.
To Top