php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #60171 Suggestion for new function
Submitted: 2011-10-29 21:28 UTC Modified: 2011-10-30 00:52 UTC
Votes:2
Avg. Score:4.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: invictible at live dot co dot uk Assigned:
Status: Wont fix Package: Unknown/Other Function
PHP Version: 5.3.8 OS: Windows
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2011-10-29 21:28 UTC] invictible at live dot co dot uk
Description:
------------
I've been looking for a solution on PHP as I need some way to evaluate expressions within strings.

Since with if:
$str = '5>6';
if($str)
Would evaluate as true regardless of the expression.

A good possible solution for this may be a function for evaluating the expressions in the string, eg. evalexp($str); which would return true or false based on the expression within the string.

Eval is an alternative however, it can create security issues when used with user provided content for obvious reasons.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-10-30 00:52 UTC] cataphract@php.net
This is the purpose of eval (though it would probably be better – including versatile – to parse the expression yourself), the "security issues" (really, input validation) can be handled by analyzing  the tokens in the strings; see token_get_all().

Besides, this request is very vague – for instance it doesn't specify which subset of the expressions space would be admissible and gives a rationale for it.

Won't fix.
 [2011-10-30 00:52 UTC] cataphract@php.net
-Status: Open +Status: Wont fix
 [2011-10-30 03:39 UTC] invictible at live dot co dot uk
Expressions such as >, >+ aka something like the comparison operators except, in function form.
 [2011-10-30 15:37 UTC] artificialmagic at hotmail dot com
Who would ever think this was useful?
 [2011-10-30 18:03 UTC] invictible at live dot co dot uk
So, instead of having to run an if statement in eval, you can simply do something like compare('5>6 || 2<3');

So, you can perform comparisons and logical operations in a way that can't currently be performed without eval().

I saw php.net/version_compare although, it doesn't seem to cater for logical operations such as && and ||.

If there is another alternative then, feel free to tell me it.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 11:01:29 2024 UTC