php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #5435 Request to update eval() or create new function.
Submitted: 2000-07-07 15:46 UTC Modified: 2007-01-07 11:01 UTC
Votes:8
Avg. Score:4.2 ± 1.0
Reproduced:6 of 7 (85.7%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: dahamsta at iewebs dot com Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.0.0 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
40 + 25 = ?
Subscribe to this entry?

 
 [2000-07-07 15:46 UTC] dahamsta at iewebs dot com 
Currently, to eval() regular data retrieved from a database or include file, I need to escape from PHP and re-enter it. For example:

Presume that I have retrieved data from a source, which is equivalent to a regular PHP file (including plain HTML). To operate eval() on that, and avoid parsing the HTML and thus causing PHP errors, I need to use a function like this:

function my_eval($my_eval_str) {
	$eval_str  = "?>";
	$eval_str .= $my_eval_str;
	$eval_str .= "<?";
	return eval($eval_str);
}

This would also make it impossible to access variables in the GLOBAL symbol table, unless I extract($GLOBALS) into the current sumbol table.

My suggestion is to either add a second eval() function that will operate in this way; or add a second argument to eval(), such as:

void eval (string code_str, string eval_type);

Where 'code_str' is the same as the current eval() function, and 'eval_type' is one of two options - one for just PHP code, and one for a string that will contain data escaped from PHP. The default could be set to the current operation, and the second argument could be optional.

Ta,
adam

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-06-08 09:59 UTC] bigredlinux at yahoo dot com 
Oh, this would be a great feature.  One thing this would add is the ability to run an xml string with processing instructions right through php, by just passing it to eval and assuming that eval knows it is going to have php somewhere in it.  Very nice feature request!
 [2003-08-17 22:50 UTC] a at b dot c dot de 
eval("?>".$my_eval_str);

works for me.
 [2007-01-07 11:01 UTC] bjori@php.net 
Works just fine.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 25 12:01:31 2024 UTC