Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Moderator: General Moderators
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Tue Jul 18, 2006 10:03 pm
What exactly is the security issue with eval() if no user input is in it?
joseluisloya
Forum Newbie
Posts: 3 Joined: Tue Jul 18, 2006 10:56 pm
Post
by joseluisloya » Tue Jul 18, 2006 10:58 pm
If no user input, theres no problem...
JoseLuis Loya
Jenk
DevNet Master
Posts: 3587 Joined: Mon Sep 19, 2005 6:24 am
Location: London
Post
by Jenk » Wed Jul 19, 2006 3:55 am
This is after my post about using eval() in a registry/service locator I presume?
viewtopic.php?p=284421#284421
Pretty much explains why I was concerned
patrikG
DevNet Master
Posts: 4235 Joined: Thu Aug 15, 2002 5:53 am
Location: Sussex, UK
Post
by patrikG » Wed Jul 19, 2006 5:24 am