|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #5435 Request to update eval() or create new function.
Submitted: 2000-07-07 15:46 UTC Modified: 2007-01-07 11:01 UTC
Avg. Score:4.2 ± 1.0
Reproduced:6 of 7 (85.7%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: dahamsta at iewebs dot com Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.0.0 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: dahamsta at iewebs dot com
New email:
PHP Version: OS:


 [2000-07-07 15:46 UTC] dahamsta at iewebs dot com
Currently, to eval() regular data retrieved from a database or include file, I need to escape from PHP and re-enter it. For example:

Presume that I have retrieved data from a source, which is equivalent to a regular PHP file (including plain HTML). To operate eval() on that, and avoid parsing the HTML and thus causing PHP errors, I need to use a function like this:

function my_eval($my_eval_str) {
	$eval_str  = "?>";
	$eval_str .= $my_eval_str;
	$eval_str .= "<?";
	return eval($eval_str);

This would also make it impossible to access variables in the GLOBAL symbol table, unless I extract($GLOBALS) into the current sumbol table.

My suggestion is to either add a second eval() function that will operate in this way; or add a second argument to eval(), such as:

void eval (string code_str, string eval_type);

Where 'code_str' is the same as the current eval() function, and 'eval_type' is one of two options - one for just PHP code, and one for a string that will contain data escaped from PHP. The default could be set to the current operation, and the second argument could be optional.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2002-06-08 09:59 UTC] bigredlinux at yahoo dot com
Oh, this would be a great feature.  One thing this would add is the ability to run an xml string with processing instructions right through php, by just passing it to eval and assuming that eval knows it is going to have php somewhere in it.  Very nice feature request!
 [2003-08-17 22:50 UTC] a at b dot c dot de

works for me.
 [2007-01-07 11:01 UTC]
Works just fine.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Dec 01 21:01:27 2023 UTC