The eval () function is a function that everyone wants to disable in php. The eval () function is very dangerous. let's introduce eval () in php () function problems and solutions.
For a long time, it seems that the eval () function cannot be used for value assignment? Some articles on the Internet also said this! For example, eval ("$ a =;"); an error will be prompted for this formula! Isn't the code executed by eval () function no longer capable of assigning values? actually, it's not because the variable name in double quotation marks is Escaped. how can a constant be assigned a value? However, in PHP, the variable name in single quotes will not be escaped, and the above code will be changed to eval ('$ a =;'); so there will be no errors!
Eval () an interesting PHP function
Test the code without further explanation:
The instance code is as follows:
- Parse error: syntax error, unexpected 'echo '(T_ECHO) in E: webwwwswoole_testeval.php (4): eval () 'd code on line 1
- Word!
- */
- ?>
2. when there is illegal php code in the string, an error is reported. I believe everyone knows it!
The instance code is as follows:
-
-
- $ Str = 'Hello, World! Echo "Hello ,";';
- $ Content = eval ('?> '. $ Str); // note that "?> "String
- Echo 'Word! ';
- // Execution result:
- /*
- Hello, world! Echo "Hello,"; word!
- */
- ?>
3. at this time, the string contains invalid php code, but no error is reported.
Because "?> "(Php Terminator), which treats all the following" strings "as" strings ", right! The following is an embedded string based on (3 ). The module is equivalent to Embedding php code in an html file. what does it do?
The instance code is as follows:
-
- $ Str = 'Hello, World! ';
- $ Content = eval ('?> '. $ Str );
- Echo 'Word! ';
- // Execution result:
- /*
- Hello, world! Hello, word!
- */
- ?>
OK! It will recognize the php module in the "string" and execute it!
The above example illustrates eval ('?> '. $ Str) and eval ($ str). In fact, in $ str of eval ($ str), if the string contains $ Str string must be Add "?>" Php Terminator.
In the template engine of Ecshop, eval ('?> '. $ Str) this method is used to parse the php module embedded in the template. Before that, of course, the tag parsing is first translated into php code.