The eval () function is a function that everyone in PHP wants to disable, and the Eval () function is very dangerous oh, let me give you some questions and solutions to the eval () function in PHP.
Have you ever felt that the eval () function doesn't seem to be an assignment operation? Some articles on the internet have said so!
such as eval ("$a =;"); This formula will prompt the error!
is not the eval () function execution code can not do assignment operation, actually not. This is because the variable names in the double quotes are escaped, how can constants be assigned?
However, in PHP, the variable name in single quotes is not escaped, and the code above is changed to eval (' $a =; '); So there's no mistake!
Eval () An interesting php function
With code testing, there's no more explanation:
The code is as follows |
Copy Code |
Parse error:syntax error, unexpected ' echo ' (T_echo) in e:webwwwswoole_testeval.php (4): eval () ' D code on line 1 Word! */
?> |
Second, when there is illegal PHP code in the string, error. I believe we all know it!
The code is as follows |
Copy Code |
$str = ' Hello, world! echo "Hello,"; $content = eval ('?> '. $str); Note that the eval is now in Riga "? > "string Echo ' word! '; Execution Result: /* Hello, world! echo "Hello,"; word! */
?> |
Three, at this time, there are illegal PHP code inside the string, but, no error.
-Because the prefix "?>" (PHP Terminator), it has the following "string" All as a "string", right!
On the basis of (c), the embedded module in the string , equivalent to the HTML file embedded in the PHP code. What would it be like?
The code is as follows |
Copy Code |
$str = ' Hello, world! '; $content = eval ('?> '. $str); Echo ' word! '; Execution Result: /* Hello, world! hello,word! */ ?> |
Ok! It will recognize the PHP module in the "string" and execute it!
The above example illustrates the role of eval ('?> ' $str) and eval ($STR).
In fact, the eval ($str) $str inside,
If the string contains a
Then the $STR string must be preceded by a "?>" PHP Terminator.
In Ecshop's template engine, the eval ('?> '. $str) method is used to parse the embedded PHP module in the template---of course, before that, the tag parsing is translated into PHP code.
http://www.bkjia.com/PHPjc/628738.html www.bkjia.com true http://www.bkjia.com/PHPjc/628738.html techarticle The eval () function is a function that everyone in PHP wants to disable, and the Eval () function is very dangerous oh, let me give you some questions and solutions to the eval () function in PHP. It's been a long time since ...