php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #40722 future request:add "safe eval" function
Submitted: 2007-03-05 05:56 UTC Modified: 2007-03-05 10:13 UTC
From: shimon at schoolportal dot co dot il Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.4.5 OS: na
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: shimon at schoolportal dot co dot il
New email:
PHP Version: OS:

 

 [2007-03-05 05:56 UTC] shimon at schoolportal dot co dot il 
Description:
------------
i would be cool to have a "safe eval" function
for example:
eval($code, $safe=true,$safe_alow,$safe_disalow ,or  $safe_ini_settings);

i do want users to insert some code to use database and simple php
in their free web site to create info boxes and small website components  or php in their site templates. but i want to stay safe.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-03-05 10:13 UTC] tony2001@php.net 
I'm afraid we'll never go this route again.
You have to manage privileges using your OS utilities, not PHP.
Also, the meaining of "safety" is quite dim in this particular case, so I can't just imagine a function that would be safe _for everyone_ and useable _for everyone_ without having a bunch of arguments or INI options.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 19 16:01:31 2024 UTC