Implications of Instantiating Objects with Dynamic Variables in PHP

Question

What are the performance, security, or "other" implications of using the following form to declare a new class instance in PHP

<?php
  $class_name = 'SomeClassName';
  $object = new $class_name;
?>

This is a contrived example, but I've seen this form used in Factories (OOP) to avoid having a big if/switch statement.

Problems that come immediately to mind are

1. You lose the ability to pass arguments into a constructor (LIES. Thanks Jeremy)
2. Smells like eval(), with all the security concerns it brings to the table (but not necessarily the performance concerns?)

What other implications are there, or what search engine terms other than "Rank PHP Hackery" can someone use to research this?

Answer 1

One of the issues with the resolving at run time is that you make it really hard for the opcode caches (like APC). Still, for now, doing something like you describe in your question is a valid way if you need a certain amount of indirection when instanciating stuff.

As long as you don't do something like

$classname = 'SomeClassName';
for ($x = 0; $x < 100000; $x++){
  $object = new $classname;
}

you are probably fine :-)

(my point being: Dynamically looking up a class here and then doesn't hurt. If you do it often, it will).

Also, be sure that $classname can never be set from the outside - you'd want to have some control over what exact class you will be instantiating.

Answer 2

It looks you can still pass arguments to the constructor, here's my test code:

<?php

class Test {
    function __construct($x) {
        echo $x;
    }
}

$class = 'Test';
$object = new $class('test'); // echoes "test"

?>

That is what you meant, right?

So the only other problem you mentioned and that I can think of is the security of it, but it shouldn't be too difficult to make it secure, and it's obviously a lot more secure than using eval().