Tips for eval () in PHP

Source: Internet
Author: User
Tags parse error

The eval () function is a function that everyone wants to disable in php. The eval () function is very dangerous. Let's introduce eval () in php () function problems and solutions.

For a long time, it seems that the eval () function cannot be used for value assignment? Some articles on the Internet also said this!

For example, eval ("$ a =;"); an error will be prompted for this formula!

Is it true that the Code executed by eval () functions cannot be used for value assignment? Actually, it is not. This is because the variable name in double quotation marks is escaped. How can a constant be assigned a value?

However, in PHP, the variable name in single quotes will not be escaped, and the above Code will be changed to eval ('$ a =;'); so there will be no errors!

Eval () an interesting PHP function

Test the code without further explanation:

The Code is as follows: Copy code

Parse error: syntax error, unexpected 'echo '(T_ECHO) in E: webwwwswoole_testeval.php (4): eval () 'd code on line 1

Word!

*/

?>

2. An error is reported when the string contains invalid php code. I believe everyone knows it!

 

The Code is as follows: Copy code


<? Php

$ Str = 'hello, world! Echo "Hello ,";';

$ Content = eval ('?> '. $ Str); // note that "?> "String

Echo 'word! ';

// Execution result:

/*

Hello, world! Echo "Hello,"; word!

*/

?>

3. At this time, the string contains invalid php code, but no error is reported.

-Because "?> "(Php Terminator), which treats all the following" strings "as" strings ", right!

The following is embedded in strings on the basis of (3). <? Php...?> Module, which is equivalent to embedding php code in html files. What will it do?

The Code is as follows: Copy code

<? Php

$ Str = 'hello, world! <? Php echo "Hello," ;?> ';

$ Content = eval ('?> '. $ Str );

Echo 'word! ';

// Execution result:

/*

Hello, world! Hello, word!

*/

?>

OK! It will recognize the php module in the "string" and execute it!

 

The above example illustrates eval ('?> '. $ Str) and eval ($ str.

Actually, in $ str of eval ($ str,

If the string contains <? Php...?> ,

Then the $ str string must be in the <? Php...?> Add "?>" Php Terminator.


In the template engine of Ecshop, eval ('?> '. $ Str) This method is used to parse the php module embedded in the template. Before that, of course, the tag parsing is first translated into php code.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.