简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  Backend Development  >  Summary of php eval function usage

Summary of php eval function usage

高洛峰
高洛峰Original
2016-11-29 15:33:041442browse

I think many friends know this function. It is the most commonly used sentence by hackers. It can parse php code and run it. eval is a function that cannot be disabled in php. I used to think that this function could be disabled in php.ini, but it failed. .

Definition and usage

eval() function calculates the string according to the PHP code. The string must be a legal PHP code and must end with a semicolon. If the return statement is not called in the code string, then Return NULL, if there is a parsing error in the code, the eval() function returns false.

Syntax: eval(phpcode)

Parameter description

phpcode required, specifies the PHP code to be calculated.

Tips and comments

Comments :The return statement will immediately terminate the calculation of the string.

Note: This function is useful for storing code in the database text field for future calculations.

PHP example code is as follows:

$string = "beautiful";

$time = "winter";

$str = 'This is a $string $time morning!';

echo $str. "
";

eval("$str = "$str";");

echo $str;

?>

//Output:

//This is a $string $time morning!

//This is a beautiful winter morning! The

eval() function is also used in the CodeIgniter framework. In the /system/database/DB.php file, a class CI_DB is dynamically defined based on the system configuration. Specific code snippets As follows:

if (! isset($active_record) OR $active_record == TRUE)

{

require_once(BASEPATH.'database/DB_active_rec.php'); if ( ! class_exists('CI_DB') )

                                                                                                  

                                                                                                                class CI_DB extends CI_DB_driver {}'); 'dbdriver']. '_driver.php');

// Instantiate the DB adapter,phpfensi.com

$driver = 'CI_DB_'.$params['dbdriver'].'_driver';

$DB = new $driver ($params);

This function can substitute the variable value in the string. It is usually used to process database data. The parameter code_str is the string to be processed. It is worth noting that the string to be processed must comply with PHP's string format, and there must be a semicolon at the end. The string processed by this function will continue until the end of the PHP program.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Introduction to php functions to prevent sql injectionNext article:Introduction to php functions to prevent sql injection

Related articles

See more