Geek Answers Handbook

What is the meaning of this line of code?

I found this line of code in the Virtuemart plugin for Joomla on line 2136 in admin / components / com_virtuemart / classes / ps_product.php

eval ("\$text_including_tax = \"$text_including_tax\";");
+3
source share
9 answers

Discard my previous answer.

The reason this eval () is shown here in php eval docs

This is what happens:

$text_including_tax = '$tax <a href="...">...</a>';

...

$tax = 10;

...

eval ("\$text_including_tax = \"$text_including_tax\";");

At the end of this $text_including_taxis:

"10 <a href="...">...</a>"

Single quotes prevent the $taxstring from being included in the original definition. Using eval(), it makes it re-evaluate the string and include the value for $tax.

I am not a fan of this particular method, but it is correct. An alternative could be to usesprintf()

+9
source

$text_including_tax .

, , , $text_including_tax , , .

, $text_include_tax :

"\"; readfile('/etc/passwd'); $_dummy = \"";

:

eval("$text_include_tax = \"\"; readfile('/etc/passwd'); $_dummy =\"\";");

passwd.

:

$text_include_tax = (string) $text_include_tax;

:

$text_include_tax = "$text_include_tax";

$text_include_tax , . , .

+4

, $text_including_tax , .

+2

, ? .

+1

eval, . , - . :

//eval ("\$text_including_tax = \"$text_including_tax\";");
$text_including_tax = str_replace('$tax', $tax, $text_including_tax);
+1

PHP.

, ? Weird.

0

, -, , .

, HTML/URI/etc. . , , , eval, , .

, .

0

I looked through this code base before. This is one of the worst PHP I've seen.

I assume that you would do such a thing as to hide the mistakes you made somewhere else.

0
source

No, he does this:

Say $text_including_tax= "flat". This code evaluates the line:

$ flat = "flat";

This is not necessarily good, but I used this method once to suck all MySQL variables in such an array:

    while ($row = mysql_fetch_assoc($result)) {
        $var = $row["Variable_name"];
        $$var = $row["Value"];
    }
-4
source

More articles:


All Articles