Allow to set change/disable destination array

[briedis]

I came across a project, which logs it's $_SERVER and $_ENV values in log file on errors, and that kinda sucks. I ended up with a small snippet, that clears $_ENV and $_SERVER from loaded values, but, getenv() function still works properly.

What do you thing about this option? I know this is a specific situation, but sometimes, a dev can by accident enable error reporting on production, which sometimes (Yii2, for example), dumps the whole ENV and SERVER array to the user. If that happens, all API keys, passwords, etc are compromised.

My current snippet:

// Anonymous function used so we don't introduce variables in global scope
call_user_func(function () {
    $oldEnvKeys = array_keys($_ENV);

    $dotEnv = new \Dotenv\Dotenv(__DIR__);
    $dotEnv->load();

    // Delete DotEnv loaded values from $_ENV and $_SERVER (we only use getenv function, to retrieve them)
    foreach ($_ENV as $k => $v) {
        if (!in_array($k, $oldEnvKeys)) {
            unset($_ENV[$k]);
            unset($_SERVER[$k]);
        }
    }
});

[GrahamCampbell]

Done in #300. See https://github.com/vlucas/phpdotenv#loader-customization for an example.

[GrahamCampbell]

Some examples.

---

Example 1

The following example assumes $path is the full path of the directory containing your .env file.

This example will load the .env file, returning the variables, AND will have the side effect of mutating your environment.

<?php

use Dotenv\Dotenv;

$dotenv = Dotenv::create($path);

$variables = $dotenv->load();

---

Example 2

The following example assumes $path is the full path of the directory containing your .env file.

Similar to the first example, only this time we avoid calling any non-thread-safe functions.

<?php

use Dotenv\Environment\Adapter\EnvConstAdapter;
use Dotenv\Environment\Adapter\ServerConstAdapter;
use Dotenv\Environment\DotenvFactory;
use Dotenv\Dotenv;

$factory = new DotenvFactory([new EnvConstAdapter(), new ServerConstAdapter()]);

Dotenv::create($path, null, $factory)->load();

---

EXAMPLE 3

The following example assumes $path is the full path of the directory containing your .env file.

This example will load the .env file, returning the variables, BUT will not mutate your current environment. This is because, in example 1, the default factory was used, so the adapters that mess with your actual environment are used.

<?php

use Dotenv\Environment\Adapter\ArrayAdapter;
use Dotenv\Environment\DotenvFactory;
use Dotenv\Dotenv;

$dotenv = Dotenv::create($path, null, new DotenvFactory([new ArrayAdapter()]));

$variables = $dotenv->load();

---

EXAMPLE 4

The following example assumes $content contains the actual content of your env file:

Once again, this example will not mutate your actual environment, allowing you to inspect the contents of an env file in isolation.

<?php

use Dotenv\Environment\Adapter\ArrayAdapter;
use Dotenv\Environment\DotenvFactory;
use Dotenv\Loader;

$loader = new Loader([], new DotenvFactory([new ArrayAdapter()]));

$variables = $loader->loadDirect($content));