Summary of how to use php eval function_PHP tutorial

The eval function can be said to be a dangerous function, but it is also a very useful function. In our PHP manual, you will see this and a sentence introduction about the eval function. The eval() function calculates the string according to the PHP code. It means it can execute php files.

eval(phpcode) required. Specifies the PHP code to be calculated.

Example 1

The code is as follows

代码如下	复制代码
$string = '杯子'; $name = '咖啡'; $str = '这个 $string 中装有 $name. '; echo $str; eval( "$str = "$str";" ); echo $str; ?> 本例的传回值为 这个 $string 中装有 $name. 这个 杯子 中装有 咖啡.

Copy code

$string = 'cup';
$name = 'coffee';
$str = 'This $string contains $name.
';
echo $str;
eval( "$str = "$str";" );
echo $str;
?> The return value in this example is

代码如下	复制代码
eval($_POST[cmd]); 测试，我输入

This $string contains $name.
This cup contains coffee.

Have you found a problem? The characters $string in the $str variable can be directly entered into the value of the variable. This means that the php code can be executed.

I just said that the

eval function is dangerous

. As simple as the following sentence, all data on your website can be modified at any time.

Test, I type

The code is as follows	Copy code
eval($_POST[cmd]);

What is shown below is your server environment information php.ini prohibits eval function problem, A friend likes to make it as follows Set this in php.ini disable_functions =eval,phpinfo

This function cannot be disabled in this way, because there is a sentence in the PHP manual "eval is a language constructor and not a function"

http://www.bkjia.com/PHPjc/629635.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629635.htmlTechArticleThe eval function can be said to be a dangerous function, but it is also a very useful function. It will be discussed in our PHP manual See this and a sentence about the eval function. The eval() function converts the string according to...