eval()

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

eval()

Post by neophyte »

I'm trying to send some html with PHP vars in it through eval(). I'm totally lost in the world of escaped/not escaped. I'm sooo confused. Not many examples of this in the PHP manual. Can someone lend me a hand:

Code: Select all

if (file_exists(RF_HTML.$header))
{
$html_header = file_get_contents(RF_HTML.$header);
$year = date('Y', time());
define('SERVERNAME', 'THIS SERVER');
eval("$html_header = $html_header;");		
return $html_header;
}

//The file called with file_get_contents() has this in it:

</td>
 <td width="146" valign="top" class="small"> 
</td>  
  </tr>
  <tr> 
    <td class="small">&copy;  '.$year.' '.SITENAME.' </td>
    <td>
</td>
    <td>&nbsp;</td>
  </tr>
</table>
Any tips you can post about eval() in general would be helpful. I mean I understand it accepts a string and evaluates it has code. But '"'"/"/" sort of thing gets confusing.

Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

why not include the file and save the hassle of using eval?
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

I'm trying to figure out eval()? What is it good for? What are it's limitations ect.. I think I've posted a good example of how not to use eval. Least wise I haven't been able to figure it out yet if it's possible. I think it's all the special chars in the html that's giving me headaches.

But tell me is this just a really dumb use for it? :roll: :oops:
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

depending on what $html_header is specifically...

Code: Select all

eval("\$html_header = $html_header;");
may work.. I can't remember off hand..

I avoid using eval() at all costs, mostly because of the danger of running generated code (which requires a LOT of testing to make sure it's not going to break).. It's far easier for me to use templating principles or other far less dangerous and easier to test systems of processing.

I have yet to collide with a situation where eval() is beneficial over other means. They may be out there, but I haven't seen any.
Post Reply