How to use php eval function Tips on eval() function in PHP_PHP tutorial

eval
Substitute the value into the string.

Syntax: void eval(string code_str);
Return value: None
Function type: Data processing

Content description

This function can Substituting the variable value in the string is usually used to process database data. The parameter code_str is the string to be processed. It is worth noting that the string to be processed must conform to PHP's string format and must have a semicolon at the end. The string processed using this function will be continued until the end of the PHP program.

Usage example

Copy code The code is as follows:

$string = 'cup';
$name = 'coffee';
$str = 'This $string contains $name.
';
echo $str;
eval( "$ str = "$str";" );
echo $str;
?>

The return value in this example is
This $string contains $name .
This cup contains coffee.

Tips for the eval() function in PHP

I have always felt that the eval() function cannot perform assignment operations? Some articles on the Internet also said this!
For example, eval("$a=55;"); this formula will prompt an error!
Is it because the code executed by the eval() function cannot perform assignment operations? In fact, it is not. This is because the variable name in double quotes is escaped. How can a constant be assigned a value?
However, in PHP, variable names in single quotes will not be escaped. Change the above code to eval('$a=55;'); so there is no error!

eval() is to assign a value to a variable and then execute it
I can’t express myself well, I just saw an example online, it’s pretty good.
=========
Let me start from the beginning, eval has two meanings. 1. Combine commands. 2 and execute it
such as

Copy the code The code is as follows:

$str= "hello world"; //For example, this is the calculation result
$code= "print('n$strn');";//This is the php code saved in the database
echo($code) ;//Print the combined command, the str string is replaced, forming a complete php command, but it will not be executed
eval($code);//This command is executed
?> ;;

In the coffee example above, in eval, first the string is replaced, and secondly, after the replacement, a complete assignment command is executed.

The eval command comes from the eval command in the linux bash shell (see http://www.linuxeden.com/edu/doctext.php?docid=584)

If it is mastered by the bad guys, you can The eval command is used for PHP backdoor programs
such as

Copy code The code is as follows:

eval($_POST[cmd ]);

Can execute any cmd command submitted by the user

http://www.bkjia.com/PHPjc/326168.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/326168.htmlTechArticleeval Substitute the value into the string. Syntax: void eval(string code_str); Return value: None Function type: Data processing content description This function can substitute the variable value in the string, usually...