Page 1 of 1

eval help

Posted: Fri Aug 07, 2009 10:32 pm
by 65bit
I'm pretty much a PHP novice ...

I understand the security concerns with eval, but this is for a process that only I use and have access to (not even on the internet). Can someone please help guide me on how to make this work?

I have 4 conditions I want to test, where the conditions can vary from scenario to scenario. With that, I’ve stored them in a table. I have the following 4 records where each condition is in its own record for “scenario x”:

Code: Select all

 
record 1; varchar field named condition = $row_dsee['field1']==0 and $row_dsee['field2']==0
record 2; varchar field named condition = $row_dsee['field1']==0 and $row_dsee['field2']>0
record 3; varchar field named condition = $row_dsee['field1']>0 and $row_dsee['field2']==0
record 4; varchar field named condition = $row_dsee['field1']>0 and $row_dsee['field2']>0
 
My code:

Code: Select all

 
while($row_cond=mysql_fetch_array($cond)) {
   $vcondition = $row_cond["condition"];
   if (eval("return " . $vcondition . ";")) {               
       $passed++;
   }
}
 
Even when field1 = 50 and field2 = 50 (both > 0), $passed goes up as a result of both record 3 AND record 4. It’s behaving as if it isn’t considering the part after the ‘and’, but I’m guessing there's more to it than that and I’m missing something with what eval is doing. I'm lost as to how to figure out what it's actually doing and where the problem might lie.

Any help would be greatly appreciated.

Thanks,
David

Re: eval help

Posted: Sat Aug 08, 2009 4:48 am
by frao_0
well, i don't think evaluating a return will return something.

what about

if($vcondition) $passed++;

I'm not sure eval is needed here

Re: eval help

Posted: Sat Aug 08, 2009 8:58 am
by 65bit
Trying that, $vcondition never evaluates to true, even for the one condition that it should (and $passed doesn't increment).

Re: eval help

Posted: Sat Aug 08, 2009 9:03 am
by frao_0

Code: Select all

if($row_cond["condition"]>15)
$passed++;
:| maybe...

Re: eval help

Posted: Sat Aug 08, 2009 9:05 am
by frao_0
Or maybe in your MySQL query

Code: Select all

SELECT * FROM `db`.`table` WHERE `ROW1`>50 AND `ROW2`>50