Lithium Posted May 26, 2009 Posted May 26, 2009 I'm looking for a decent and fair alternative to the use of eval(). I am pulling out some codebits from within a DB field, yet the attempts i made with regex simply failed and the only way i managed to do it decently was using eval()... though eval() does the work just fine, it may lead some holes, so i am shouting for some tips/examples up on this subject!!! Thank you :) Quote
Floydian Posted May 27, 2009 Posted May 27, 2009 Re: Alternative to eval() Alrighty, eval() executes php code contained in a string. Since the ENTIRETY of possibilities of all combination of code can be run through eval, or some other method, your question couldn't be more vague... What are you trying to do there? Quote
Lithium Posted May 27, 2009 Author Posted May 27, 2009 Re: Alternative to eval() Alrighty, eval() executes php code contained in a string. Since the ENTIRETY of possibilities of all combination of code can be run through eval, or some other method, your question couldn't be more vague... What are you trying to do there? Basicly parse a db field that will only contain $vars to be passed out. I can do it using eval(), though as for safety eval() is not widely recommended Quote
Floydian Posted May 27, 2009 Posted May 27, 2009 Re: Alternative to eval() It sounds like you might benefit from the serialize/unserialize functions. They are safer to use than eval. They are not 100% safe though. As always, safe secure code is more a function of how you use something, rather than if you use something at all. http://us2.php.net/serialize That page has a link to the unserialize function. Hope that helps... Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.