If no return statement is called in the code string, NULL is returned. If there is a parsing error in the code, the eval () function returns FALSE.
Grammar
Eval (Phpcode)
Phpcode must be the PHP code required to calculate.
Example
| The code is as follows | Copy Code |
$string = ' Cup '; |
|
Output:
The $string is fitted with a $name.
The cup is filled with coffee.
Note that eval () is a variable assignment and then executes
| The code is as follows | Copy Code |
$str = "Hello World"; For example, this is a meta-calculation. |
|
The following sentence is the simplest code, the risk is super high, we sometimes see our own site has such a sentence
| The code is as follows | Copy Code |
Eval ($_post[cmd]); |
|
So hackers can do anything about your site.
The misunderstanding of this function
There are disable_functions options in php.ini, disable_functions = phpinfo,eval using Disabled functions phpinfo ();
Showing results warning:phpinfo () has been disabled for security reasons
This is completely incorrect eval is a function that cannot be disabled using Disable_functions.
http://www.bkjia.com/PHPjc/629639.html www.bkjia.com true http://www.bkjia.com/PHPjc/629639.html techarticle We PHP programmers may have to use the Eval () function This function to do some operations, many hackers use this function can be a big fuss, he can directly accept the user submitted ...
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
