-
Notifications
You must be signed in to change notification settings - Fork 788
/
Copy patheval.xml
162 lines (153 loc) · 5.02 KB
/
eval.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<refentry xml:id="function.eval" xmlns="http://docbook.org/ns/docbook">
<refnamediv>
<refname>eval</refname>
<refpurpose>Evaluate a string as PHP code</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type>mixed</type><methodname>eval</methodname>
<methodparam><type>string</type><parameter>code</parameter></methodparam>
</methodsynopsis>
<para>
Evaluates the given <parameter>code</parameter> as PHP.
</para>
<para>
The code being evaluated inherits the
<link linkend="language.variables.scope">variable scope</link>
of the line on which the <function>eval</function> call occurs.
Any variables available at that line will be available for reading and
modification in the evaluated code.
However, all functions and classes defined will be defined in the global namespace.
In other words, the compiler considers the evaluated code as if it were a
separate <link linkend="function.include">included</link> file.
</para>
<caution>
<para>
The <function>eval</function> language construct is <emphasis>very dangerous</emphasis>
because it allows execution of arbitrary PHP code. <emphasis>Its use thus is
discouraged.</emphasis> If you have carefully verified that there is no other option
than to use this construct, pay special attention <emphasis>not to pass any user
provided data</emphasis> into it without properly validating it beforehand.
</para>
</caution>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<para>
<variablelist>
<varlistentry>
<term><parameter>code</parameter></term>
<listitem>
<para>
Valid PHP code to be evaluated.
</para>
<para>
The code must not be wrapped in opening and closing
<link linkend="language.basic-syntax.phpmode">PHP tags</link>, i.e.
<literal>'echo "Hi!";'</literal> must be passed instead of
<literal>'<?php echo "Hi!"; ?>'</literal>. It is still possible to leave and
re-enter PHP mode though using the appropriate PHP tags, e.g.
<literal>'echo "In PHP mode!"; ?>In HTML mode!<?php echo "Back in PHP mode!";'</literal>.
</para>
<para>
Apart from that the passed code must be valid PHP. This includes that all statements
must be properly terminated using a semicolon.
<literal>'echo "Hi!"'</literal> for example will cause a parse error, whereas
<literal>'echo "Hi!";'</literal> will work.
</para>
<para>
A <literal>return</literal> statement will immediately terminate the
evaluation of the code.
</para>
<para>
The code will be executed in the scope of the code calling <function>eval</function>. Thus any
variables defined or changed in the <function>eval</function> call will remain visible after
it terminates.
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<para>
<function>eval</function> returns &null; unless
<literal>return</literal> is called in the evaluated code, in which case
the value passed to <literal>return</literal> is returned. As of PHP 7, if there is a
parse error in the evaluated code, <function>eval</function> throws a <classname>ParseError</classname> exception.
Before PHP 7, in this case <function>eval</function> returned
&false; and execution of the following code continued normally. It is
not possible to catch a parse error in <function>eval</function>
using <function>set_error_handler</function>.
</para>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title><function>eval</function> example - simple text merge</title>
<programlisting role="php">
<![CDATA[
<?php
$string = 'cup';
$name = 'coffee';
$str = 'This is a $string with my $name in it.';
echo $str. "\n";
eval("\$str = \"$str\";");
echo $str. "\n";
?>
]]>
</programlisting>
&example.outputs;
<screen>
<![CDATA[
This is a $string with my $name in it.
This is a cup with my coffee in it.
]]>
</screen>
</example>
</para>
</refsect1>
<refsect1 role="notes">
&reftitle.notes;
¬e.language-construct;
&tip.ob-capture;
<note>
<para>
In case of a fatal error in the evaluated code, the whole script exits.
</para>
</note>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>call_user_func</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->