|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #5435 Request to update eval() or create new function.
Submitted: 2000-07-07 15:46 UTC Modified: 2007-01-07 11:01 UTC
Avg. Score:4.2 ± 1.0
Reproduced:6 of 7 (85.7%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: dahamsta at iewebs dot com Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.0.0 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
37 - 25 = ?
Subscribe to this entry?

 [2000-07-07 15:46 UTC] dahamsta at iewebs dot com
Currently, to eval() regular data retrieved from a database or include file, I need to escape from PHP and re-enter it. For example:

Presume that I have retrieved data from a source, which is equivalent to a regular PHP file (including plain HTML). To operate eval() on that, and avoid parsing the HTML and thus causing PHP errors, I need to use a function like this:

function my_eval($my_eval_str) {
	$eval_str  = "?>";
	$eval_str .= $my_eval_str;
	$eval_str .= "<?";
	return eval($eval_str);

This would also make it impossible to access variables in the GLOBAL symbol table, unless I extract($GLOBALS) into the current sumbol table.

My suggestion is to either add a second eval() function that will operate in this way; or add a second argument to eval(), such as:

void eval (string code_str, string eval_type);

Where 'code_str' is the same as the current eval() function, and 'eval_type' is one of two options - one for just PHP code, and one for a string that will contain data escaped from PHP. The default could be set to the current operation, and the second argument could be optional.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2002-06-08 09:59 UTC] bigredlinux at yahoo dot com
Oh, this would be a great feature.  One thing this would add is the ability to run an xml string with processing instructions right through php, by just passing it to eval and assuming that eval knows it is going to have php somewhere in it.  Very nice feature request!
 [2003-08-17 22:50 UTC] a at b dot c dot de

works for me.
 [2007-01-07 11:01 UTC]
Works just fine.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Sep 22 21:01:24 2023 UTC