PHP :: Request #40722 :: future request:add "safe eval" function

Request #40722	future request:add "safe eval" function
Submitted:	2007-03-05 05:56 UTC	Modified:	2007-03-05 10:13 UTC
From:	shimon at schoolportal dot co dot il	Assigned:
Status:	Not a bug	Package:	Feature/Change Request
PHP Version:	4.4.5	OS:	na
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2007-03-05 05:56 UTC] shimon at schoolportal dot co dot il

Description:
------------
i would be cool to have a "safe eval" function
for example:
eval($code, $safe=true,$safe_alow,$safe_disalow ,or  $safe_ini_settings);

i do want users to insert some code to use database and simple php
in their free web site to create info boxes and small website components  or php in their site templates. but i want to stay safe.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2007-03-05 10:13 UTC] tony2001@php.net

I'm afraid we'll never go this route again.
You have to manage privileges using your OS utilities, not PHP.
Also, the meaining of "safety" is quite dim in this particular case, so I can't just imagine a function that would be safe _for everyone_ and useable _for everyone_ without having a bunch of arguments or INI options.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun May 19 12:01:30 2024 UTC