From 28ad44cba9cdd0bc42d611fd4f77987a2c9422f3 Mon Sep 17 00:00:00 2001
From: Jeremy Mikola <jmikola@gmail.com>
Date: Thu, 24 Sep 2015 14:18:42 -0400
Subject: [PATCH 1/2] Previous break statement makes the else condition
 redundant

---
 src/bson.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/bson.c b/src/bson.c
index 12b3651f3..fa312c5c7 100644
--- a/src/bson.c
+++ b/src/bson.c
@@ -806,7 +806,9 @@ PHONGO_API void zval_to_bson(zval *data, php_phongo_bson_flags_t flags, bson_t *
 				}
 
 				break;
-			} else if (instanceof_function(Z_OBJCE_P(data), php_phongo_type_ce TSRMLS_CC)) {
+			}
+
+			if (instanceof_function(Z_OBJCE_P(data), php_phongo_type_ce TSRMLS_CC)) {
 				phongo_throw_exception(PHONGO_ERROR_UNEXPECTED_VALUE TSRMLS_CC, "%s instance %s cannot be serialized as a root element", php_phongo_type_ce->name, Z_OBJCE_P(data)->name);
 
 				break;

From fd36e94fa82f68c2c2b0f23e7bc3ba03aed3bb87 Mon Sep 17 00:00:00 2001
From: Jeremy Mikola <jmikola@gmail.com>
Date: Thu, 24 Sep 2015 14:20:00 -0400
Subject: [PATCH 2/2] PHPC-393: Ignore non-public properties when encoding BSON

---
 src/bson.c                       | 28 ++++++++++++++++++++++++++--
 tests/bson/bson-fromPHP-002.phpt |  5 ++---
 tests/bson/bson-fromPHP-003.phpt | 14 ++++++--------
 3 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/src/bson.c b/src/bson.c
index fa312c5c7..3aac72ca7 100644
--- a/src/bson.c
+++ b/src/bson.c
@@ -774,12 +774,28 @@ void phongo_bson_append(bson_t *bson, php_phongo_bson_flags_t flags, const char
 	}
 }
 
+static bool is_public_property(zend_class_entry *ce, const char *prop_name, int prop_name_len TSRMLS_DC) /* {{{ */
+{
+	zend_property_info *property_info;
+	zval member;
+
+	ZVAL_STRINGL(&member, prop_name, prop_name_len, 0);
+	property_info = zend_get_property_info(ce, &member, 1 TSRMLS_CC);
+
+	return (property_info && (property_info->flags & ZEND_ACC_PUBLIC));
+}
+/* }}} */
+
 PHONGO_API void zval_to_bson(zval *data, php_phongo_bson_flags_t flags, bson_t *bson, bson_t **bson_out TSRMLS_DC) /* {{{ */
 {
 	HashPosition pos;
 	HashTable   *ht_data = NULL;
 	zval        *obj_data = NULL;
 
+	/* If we will be encoding a class that may contain protected and private
+	 * properties, we'll need to filter them out later. */
+	bool         ht_data_from_properties = false;
+
 	switch(Z_TYPE_P(data)) {
 		case IS_OBJECT:
 			if (instanceof_function(Z_OBJCE_P(data), php_phongo_serializable_ce TSRMLS_CC)) {
@@ -813,7 +829,10 @@ PHONGO_API void zval_to_bson(zval *data, php_phongo_bson_flags_t flags, bson_t *
 
 				break;
 			}
-			/* break intentionally omitted */
+
+			ht_data = Z_OBJ_HT_P(data)->get_properties(data TSRMLS_CC);
+			ht_data_from_properties = true;
+			break;
 
 		case IS_ARRAY:
 			ht_data = HASH_OF(data);
@@ -850,11 +869,16 @@ PHONGO_API void zval_to_bson(zval *data, php_phongo_bson_flags_t flags, bson_t *
 		}
 
 		if (hash_type == HASH_KEY_IS_STRING) {
-			if (Z_TYPE_P(data) == IS_OBJECT) {
+			if (ht_data_from_properties) {
 				const char *class_name;
 
 				zend_unmangle_property_name(key, key_len-1, &class_name, (const char **)&key);
 				key_len = strlen(key);
+
+				/* Ignore non-public properties */
+				if (!is_public_property(Z_OBJCE_P(data), key, key_len TSRMLS_CC)) {
+					continue;
+				}
 			} else {
 				/* Chop off the \0 from string lengths */
 				key_len -= 1;
diff --git a/tests/bson/bson-fromPHP-002.phpt b/tests/bson/bson-fromPHP-002.phpt
index 9df8e004e..c64929ba8 100644
--- a/tests/bson/bson-fromPHP-002.phpt
+++ b/tests/bson/bson-fromPHP-002.phpt
@@ -24,7 +24,6 @@ hex_dump($s);
 ===DONE===
 <?php exit(0); ?>
 --EXPECT--
-Test { "foo" : 1, "bar" : 2, "baz" : 3 }
-     0 : 20 00 00 00 10 66 6f 6f 00 01 00 00 00 10 62 61  [ ....foo......ba]
-    10 : 72 00 02 00 00 00 10 62 61 7a 00 03 00 00 00 00  [r......baz......]
+Test { "baz" : 3 }
+     0 : 0e 00 00 00 10 62 61 7a 00 03 00 00 00 00        [.....baz......]
 ===DONE===
diff --git a/tests/bson/bson-fromPHP-003.phpt b/tests/bson/bson-fromPHP-003.phpt
index 219516e42..68b1bbddb 100644
--- a/tests/bson/bson-fromPHP-003.phpt
+++ b/tests/bson/bson-fromPHP-003.phpt
@@ -37,12 +37,10 @@ Test { "0" : { "$date" : 1416445411987 } }
      0 : 10 00 00 00 09 30 00 93 c2 b9 ca 49 01 00 00 00  [.....0.....I....]
 Test { "x" : { "$date" : 1416445411987 } }
      0 : 10 00 00 00 09 78 00 93 c2 b9 ca 49 01 00 00 00  [.....x.....I....]
-Test { "0" : { "foo" : 1, "bar" : 2, "baz" : 3 } }
-     0 : 28 00 00 00 03 30 00 20 00 00 00 10 66 6f 6f 00  [(....0. ....foo.]
-    10 : 01 00 00 00 10 62 61 72 00 02 00 00 00 10 62 61  [.....bar......ba]
-    20 : 7a 00 03 00 00 00 00 00                          [z.......]
-Test { "x" : { "foo" : 1, "bar" : 2, "baz" : 3 } }
-     0 : 28 00 00 00 03 78 00 20 00 00 00 10 66 6f 6f 00  [(....x. ....foo.]
-    10 : 01 00 00 00 10 62 61 72 00 02 00 00 00 10 62 61  [.....bar......ba]
-    20 : 7a 00 03 00 00 00 00 00                          [z.......]
+Test { "0" : { "baz" : 3 } }
+     0 : 16 00 00 00 03 30 00 0e 00 00 00 10 62 61 7a 00  [.....0......baz.]
+    10 : 03 00 00 00 00 00                                [......]
+Test { "x" : { "baz" : 3 } }
+     0 : 16 00 00 00 03 78 00 0e 00 00 00 10 62 61 7a 00  [.....x......baz.]
+    10 : 03 00 00 00 00 00                                [......]
 ===DONE===