Reputation: 202
I have a problem with the eval() function. Please do not comment something like "Don't use eval" or anything of that kind, as this is not helpful. I have a very good reason to use eval().
Basically I am getting a value from a text field in HTML on my web page as input code to be executed, like so:
$code = $_POST['code'];
Then, I am passing that value to the eval function in the HTML body, like so:
eval($code);
The results are displayed like this:
<h1>test</h1>
The above is displayed as a string. I want this to execute the HTML part of it as well. Funny thing is, if I try this in a different file like this:
<?php
$code = "echo '<h1><b>TEST</b></h1>';";
eval($code);
?>
I get the desired result, which is a proper processed html element h1 with "TEST" in it.
Any ideas? Thanks in advance
Upvotes: 0
Views: 579
Reputation: 780673
$_POST['code'] apparently contains HTML entity codes, e.g.
"echo '<h1>test</h1>';"
You need to decode it before calling eval.
eval(html_entity_decode($_POST['code']));
Upvotes: 3
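The mechanism described in the answer above, as an added example that is not part of the original posts: it evaluates the same snippet with and without entity decoding and captures what each run emits. The sample input is constructed, run_captured() is a hypothetical helper, and the assumption is that some layer in front of the script encodes the field the way htmlspecialchars() would.

```php
<?php
// Added example, not from the original posts. Sample input is constructed.
// run_captured() is a hypothetical helper: eval a snippet, return its output.
function run_captured(string $code): string
{
    ob_start();
    try {
        eval($code);
        return ob_get_clean();
    } catch (ParseError $e) {   // PHP 7+: eval() throws on invalid code
        ob_end_clean();
        return 'ParseError: ' . $e->getMessage();
    }
}

$typed = "echo '<h1>test</h1>';";   // what the user typed into the field

// Case from the question: only < and > were encoded on the way in
// (assumed equivalent to htmlspecialchars() with ENT_NOQUOTES).
$posted = htmlspecialchars($typed, ENT_NOQUOTES | ENT_HTML401, 'UTF-8');

$results = [
    // The snippet echoes entities, so a browser shows the tag as text.
    'raw' => run_captured($posted),
    // Decoded first, as in the answer: real markup is emitted.
    'decoded' => run_captured(
        html_entity_decode($posted, ENT_QUOTES | ENT_HTML401, 'UTF-8')
    ),
];

// Variant: the encoder also escaped quotes (ENT_QUOTES), so ' became &#039;.
$postedQ = htmlspecialchars($typed, ENT_QUOTES | ENT_HTML401, 'UTF-8');

// ENT_COMPAT was html_entity_decode()'s default before PHP 8.1; it leaves
// &#039; in place, so the string handed to eval() is no longer valid PHP.
$results['quotes, ENT_COMPAT'] = run_captured(
    html_entity_decode($postedQ, ENT_COMPAT | ENT_HTML401, 'UTF-8')
);
// Passing ENT_QUOTES explicitly restores the quotes on every PHP version.
$results['quotes, ENT_QUOTES'] = run_captured(
    html_entity_decode($postedQ, ENT_QUOTES | ENT_HTML401, 'UTF-8')
);

// Run from the CLI to see the exact bytes each case emits.
foreach ($results as $label => $out) {
    printf("%-20s %s\n", $label, $out);
}
```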