// What Mother Never Told You about Java

// This program demonstrates how to access private variables and methods
// using Java reflection.  This feature has always existed in Java but is not
// advertised much, presumably because it's easier to tell certain people that
// "private" is necessary for security.  Calling something private in a class
// is a means of *encapsulation*, which does not necessarily impact security.
// Unfortunately, sometimes you will need access to these variables, when, for
// instance, you are extending a class.

// In this program the class "account" was written to keep the "balance"
// variable private.  When a large deposit is made there is a very slight
// chance that the customer will win a prize, in which case the private
// method "winprize" will be called.  But both balance and winprize can
// in fact be accessed externally using reflection.  To protect such an
// "account" you will need much more sophisticated security measures, i.e.,
// passwords and encryption.

import java.lang.reflect.*;  // System.Reflection in C#

class account
{
  private double balance;  ///// PRIVATE VARS CAN'T BE SEEN BY BAD PEOPLE!
  public account(double b) { balance=b; }

  // The upper bound in withdraw and the deposit header are assumed: they are
  // missing from this listing, and the output below confirms a "deposit" method.
  public void withdraw(double amt)
  { if (amt>0 && amt<balance) balance -= amt; }

  public void deposit(double amt)
  { if (amt>0) balance += amt;
    if (amt>1000000 && Math.random()<.000000000001) //the rich get richer
       winprize();  // you won you lucky hacker!
  }
  public double inquiry() { return balance; }
  private void winprize() { balance += 10000; } // only call internally!
}//account

public class mother
{
  public static void main(String[] argv) throws Exception
  {
    account youraccount = new account(1000);

    // Look up the private field by name and switch off the access check.
    Field bal = account.class.getDeclaredField("balance");
    bal.setAccessible(true);
    double yourbalance = bal.getDouble(youraccount);
    System.out.println("your 'private' balance was "+yourbalance);
    bal.setDouble(youraccount,0);  // balance set to 0.  Motherhacker!!
    System.out.println("but now it is "+youraccount.inquiry());

    //what "private" methods this sucker don't want me to call?
    // getDeclaredMethods lists every method of the class, private ones included.
    Method[] F = account.class.getDeclaredMethods();
    System.out.println("all methods of account class:");
    for(Method m:F) {System.out.println(m.getName());}

    // Same trick for the private method: look it up, unlock it, invoke it.
    Method alwayswin = account.class.getDeclaredMethod("winprize");
    alwayswin.setAccessible(true);
    for(int i=0;i<100;i++) alwayswin.invoke(youraccount);
    System.out.println("But you're extremely lucky and your balance is now "+youraccount.inquiry());
  }//main
}

/* OUTPUT:
your 'private' balance was 1000.0
but now it is 0.0
all methods of account class:
withdraw
deposit
winprize
inquiry
But you're extremely lucky and your balance is now 1000000.0
*/

/*  Why Mother Lied to You About Java

You: Hi Mom! I'm so happy to be a Java programmer now!

Mom: Good for you sweetheart.  What kind of programs are you writing?

You: I'm writing a program to keep track of bank accounts.  I'm making all
     my instance variables PRIVATE so my software is secure against nasty
     hackers.  Your balance will be safe with me!

Mom: Oh no, sweetheart!  I knew this day would come.  I'm really sorry but
     there's something I never told you about Java.

You: NO WAY!  What didn't you tell me about Java?

Mom: That making something private will not protect you from hackers.
     There's a package called java.lang.reflect that has tools for you to
     access/change private fields, call private methods, and even list all
     the private components of any class so you'll know which ones to access.

You: WHAT THE-!  You told me to never tell a lie and yet you lied to me?!
     I CAN NEVER TRUST YOU AGAIN.  You are a BAD MOTHER!

Mom: The idea of making something private is a technique of information
     hiding, which is a core concept of high-level programming.  It's about
     making your code modular, like when we use statically scoped local
     variables instead of global variables.  It was never about security.

You: But you said that unless I made my variables private that I WOULD GET A
     WHOLE BUNCH OF VIRUSES!

Mom: It was all for your own good.  It's just like how I used to tell you to
     eat all your vegetables or Santa Claus won't come to our house.  It was
     just something that was easier for you to believe in back then, compared
     to the nutritional value of vegetables for your long term health.  But
     now I'm beginning to realize that perhaps the whole idea of 'private' is
     based on a naive understanding of abstraction, of what's required
     sometimes to develop software modularly.  Perhaps 'private' is too
     restricting and that's why these reflection techniques exist for you to
     circumvent it when you have to.

You: What are you trying to say mom?  I didn't really have to eat vegetables
     either?

Mom: Of course you do!  Eat up.
*/
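
// Added example, not part of the original program: the same setAccessible
// trick tried on three targets, to show where the runtime does refuse it.
// Assumes JDK 17 or later run without --add-opens; the names ReflectionLimits,
// Plain, Frozen and tryWrite are made up for this illustration.

```java
import java.lang.reflect.Field;

public class ReflectionLimits {
    // Ordinary class in our own code: same shape as "account" above.
    static class Plain { private double balance = 1000; }

    // Record: its fields are final, and reflection will not write to them.
    record Frozen(double balance) {}

    // Try to overwrite a private field by name and report what the runtime did.
    static String tryWrite(Object target, String name, Object value) {
        try {
            Field f = target.getClass().getDeclaredField(name);
            f.setAccessible(true);  // InaccessibleObjectException if the module is not open
            f.set(target, value);   // IllegalAccessException for record fields
            return "written, now " + f.get(target);
        } catch (ReflectiveOperationException | RuntimeException e) {
            return "blocked: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        // Own class, same module: private is no obstacle, as in mother.java.
        System.out.println("plain class : " + tryWrite(new Plain(), "balance", 0.0));
        // Record field: readable after setAccessible, but never writable.
        System.out.println("record      : " + tryWrite(new Frozen(1000), "balance", 0.0));
        // Private field of java.lang.String: java.base does not open
        // java.lang to application code, so setAccessible itself fails.
        System.out.println("JDK internal: " + tryWrite("hello", "hash", 42));
    }
}
```

// Only the first write goes through: the module system and record semantics
// are enforced by the JVM, while "private" on an ordinary class in your own
// module is not.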