Page 1 of 1

running function from a string

Posted: Wed Oct 20, 2010 6:31 pm
by wurdup
I need to able to run a function from a string passed from a client but I can't get it to work. I've used eval($input) but can't use call_user_func because the parameters count may be different. I need something like:

Code: Select all


// read client input ( eg "myFunction()")
$input = socket_read($spawn, 1024);

$value = eval($input);
	
}

Any ideas?

Re: running function from a string

Posted: Wed Oct 20, 2010 6:32 pm
by John Cartwright
call_user_func_array()

And in case you wern't paying attention, that is not the same as call_user_func()

Re: running function from a string

Posted: Wed Oct 20, 2010 6:44 pm
by wurdup
thanks would work but I've figured out a better solution

eval("\$output = $input;");

I had already tried this but put a \ infront of $input. Thanks anway.

Re: running function from a string

Posted: Wed Oct 20, 2010 7:02 pm
by John Cartwright
Better solution? Ahem :roll: In fact, not only should you NEVER allow arbitrary user input to be executed as PHP code, simply put, you should just never use eval().