The eval () function is a function that everyone wants to disable in php. The eval () function is very dangerous. Let's introduce eval () in php () function problems and solutions.
For a long time, it seems that the eval () function cannot be used for value assignment? Some articles on the Internet also said this!
For example, eval ("$ a =;"); an error will be prompted for this formula!
Is it true that the Code executed by eval () functions cannot be used for value assignment? Actually, it is not. This is because the variable name in double quotation marks is escaped. How can a constant be assigned a value?
However, in PHP, the variable name in single quotes will not be escaped, and the above Code will be changed to eval ('$ a =;'); so there will be no errors!
Eval () an interesting PHP function
Test the code without further explanation:
The Code is as follows: |
Copy code |
Parse error: syntax error, unexpected 'echo '(T_ECHO) in E: webwwwswoole_testeval.php (4): eval () 'd code on line 1 Word! */
?> |
2. An error is reported when the string contains invalid php code. I believe everyone knows it!
The Code is as follows: |
Copy code |
<? Php
$ Str = 'hello, world! Echo "Hello ,";'; $ Content = eval ('?> '. $ Str); // note that "?> "String Echo 'word! '; // Execution result: /* Hello, world! Echo "Hello,"; word! */
?> |
3. At this time, the string contains invalid php code, but no error is reported.
-Because "?> "(Php Terminator), which treats all the following" strings "as" strings ", right!
The following is embedded in strings on the basis of (3). <? Php...?> Module, which is equivalent to embedding php code in html files. What will it do?
The Code is as follows: |
Copy code |
<? Php $ Str = 'hello, world! <? Php echo "Hello," ;?> '; $ Content = eval ('?> '. $ Str ); Echo 'word! '; // Execution result: /* Hello, world! Hello, word! */ ?> |
OK! It will recognize the php module in the "string" and execute it!
The above example illustrates eval ('?> '. $ Str) and eval ($ str.
Actually, in $ str of eval ($ str,
If the string contains <? Php...?> ,
Then the $ str string must be in the <? Php...?> Add "?>" Php Terminator.
In the template engine of Ecshop, eval ('?> '. $ Str) This method is used to parse the php module embedded in the template. Before that, of course, the tag parsing is first translated into php code.