Skip to main content

Evaluating/Executing PHP Code at Run-Time Using eval() Function

OK, so today we are going to discuss about one of the interesting functions of PHP. The eval() function. It is interesting in that it can evaluate/execute PHP code from inside scripts. This means, the eval() function can evaluate PHP code at run-time. The code itself in turn may be generated at run-time hence it could be used to execute code that may not initially be a part of the script.

Let’s see some examples:

eval("echo 'hello';");

Which is equivalent to:

echo 'hello';

One more example:

<?php

$n=10;
$code='';

for($i=0;$i<$n;$i++)
    $code.="echo $i;";

eval($code);

?>

Here the code to be evaluated is generated at run-time too.

The code to be evaluated could be stored somewhere (like in a file or in database) and later can be retrieved and evaluated.

As an example, below I’m providing the source code which would create a page that could be used to run PHP code. It’d provide a HTML textarea for you to type in the code which would then be executed and displayed. Be warned however that this kind of page is extremely vulnerable and an open invitation to hackers as anybody can use it to execute code on the server it is put in. so DON’T put this onto tour or anybody else’s server you have access to. It’d also be advisable to get off the internet before even trying it on your local server and delete the file afterwards. Believe me I’ve experienced hackers trying to access even local servers!

<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>

<body>
<h2>Run Script</h2>
<form name="form1" id="form1" method="get" action="">
  <p>
    <textarea name="code" cols="50" rows="15" id="code"></textarea>
  </p>
  <p>
    <input type="submit" name="Submit" value="Execute!" />
  </p>
</form>
<p><strong>Output:<br />
  -----------</strong></p>
<?php
if(isset($_GET['Submit']))
{
    $code=$_GET['code'];
    
    eval($code);
}
?>

</body>
</html>

Evaluating/Executing PHP Code at Run-Time Using eval() Function

Previous Posts:

Labels:

Popular posts from this blog

Fix For Toshiba Satellite "RTC Battery is Low" Error (with Pictures)

RTC Battery is Low Error on a Toshiba Satellite laptop "RTC Battery is Low..." An error message flashing while you try to boot your laptop is enough to panic many people. But worry not! "RTC Battery" stands for Real-Time Clock battery which almost all laptops and PCs have on their motherboard to power the clock and sometimes to also keep the CMOS settings from getting erased while the system is switched off.  It is not uncommon for these batteries to last for years before requiring a replacement as the clock consumes very less power. And contrary to what some people tell you - they are not rechargeable or getting charged while your computer or laptop is running. In this article, we'll learn everything about RTC batteries and how to fix the error on your Toshiba Satellite laptop. What is an RTC Battery? RTC or CMOS batteries are small coin-shaped lithium batteries with a 3-volts output. Most laptops use
Read more

The Best Way(s) to Comment out PHP/HTML Code

PHP supports various styles of comments. Please check the following example: <?php // Single line comment code (); # Single line Comment code2 (); /* Multi Line comment code(); The code inside doesn't run */ // /* This doesn NOT start a multi-line comment block /* Multi line comment block The following line still ends the multi-line comment block //*/ The " # " comment style, though, is rarely used. Do note, in the example, that anything (even a multi-block comment /* ) after a " // " or " # " is a comment, and /* */ around any single-line comment overrides it. This information will come in handy when we learn about some neat tricks next. Comment out PHP Code Blocks Check the following code <?php //* Toggle line if ( 1 ) {      // } else {      // } //*/ //* Toggle line if ( 2 ) {      // } else {      // } //*/ Now see how easy it is to toggle a part of PHP code by just removing or adding a single " / " from th
Read more

Generating XML Feeds (RSS, Atom) Using PHP

RSS/ATOM feeds are very common these days and almost all Content Management Systems (CMS) can generate it. But in the case when you want to generate it yourself or just want to learn how you can, read on! Both RSS and ATOM feeds are written in eXtensible Markup Language (XML) standard markup. Not just standard markups, you also need to be sure of what and how you put data in those markup elements (tags). For all this refer to the feed specifications of RSS and ATOM . XML itself is very strict and the standard specifications makes it even harder to generate valid feeds. And moreover, why re-invent the wheel when we can have it – ready-made. The solution I'm referring to here is, to use a third-party Library – Universal FeedWriter. FeedWriter is a PHP class written by Anis uddin Ahmad that can dramatically  ease-off feeds (both RSS and Atom) generation. You can download this library from  here . Every feed should have at least the following data: Feed title URL(of the webs
Read more