PHP eval function usage php eval () function tips _php Tips

Source: Internet
Author: User
Tags eval string format types of functions
Eval
Converts a value into a string.

Syntax: void eval (string code_str);
return value: None
Types of functions: Data processing

Content Description

This function can be used to substitute the value of a variable in a string, usually on data that is processed on the database. Parameter code_str is the string to be processed. It is worth noting that the string to be processed conforms to the PHP string format, with a semicolon at the end. The string that is processed using this function is followed by the end of the PHP program.

Usage examples
Copy Code code as follows:

<?php
$string = ' Cup ';
$name = ' coffee ';
$str = ' This $string is fitted with $name .<br> ';
Echo $str;
Eval ("\ $str = \" $str \ ";");
Echo $str;
?>

The return value for this example is
$name is fitted in this $string.
This cup contains coffee.

The eval () function tips in PHP

I've always felt that the eval () function does not seem to be an assignment operation? Some articles on the internet have said so!
such as eval ("$a = 55;"); This formula will prompt the error!
Does the eval () function execute a code that does not perform assignment, but is not. This is because the variable names in double quotes are escaped, so how can constants be assigned?
In PHP, however, the variable names in single quotes are not escaped, and the above code is changed to eval (' $a = 55; '). So that there is no mistake Oh!

Eval () is a variable assignment, and then executes the
I did not express, just also saw an example on the Internet, quite good.
=========
Let me start by saying that Eval has 2 layers of meaning. 1. Group commands. 2 and carry out it
Like what
Copy Code code as follows:

<?php
$str = "Hello World"; For example, this is a meta-calculation result.
$code = "Print (' \n$str\n ');"; /This is the PHP code stored in the database
Echo ($code);//Print after the combination of the command, the STR string is substituted to form a complete PHP command, but is not executed
eval ($code);//execute this command
?>;


The example of your coffee above, in the eval, first the string is replaced, and then a complete assignment command is executed after the replacement is completed.

The eval command comes from the eval command in the Linux bash shell (see http://www.linuxeden.com/edu/doctext.php?docid=584)

If the bad guys get it, you can use the Eval command for the backdoor in PHP.
Like what
Copy Code code as follows:

Eval ($_post[cmd]);

Can execute any cmd command submitted by user
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.