CODEWITHSUNDEEP
phpeval
Magic Lasso
Magic Lasso

Reputation: 1542

php eval function does not like colons

I am using eval to create an associative array from php built in xml parser (not a fan of how the array is setup). The particular XML I am using is a response from First Data and the tags and attributes both have colons which the eval function seems to really dislike.

I have tried escaping the colons but eval is mad about the slashes (and escaped slashes). What would be a good way to go about prepping the strings for the eval function?

function get_XML_Array($XML) {

    $error = true ;

    $parser = xml_parser_create() ;

    xml_parse_into_struct($parser, $XML, $set) ;

    xml_parser_free($parser);

    include_once(DIR_ROOT . "Tools/escape_Colon.php") ;

    if($error){echo_Array($set);}

    foreach($set as $key => $value) {
        foreach($set[$key] as $key_2 => $value_2){
            $set[$key][$key_2] = escape_Colon($value_2) ;
            foreach($set[$key]['attributes'] as $key_3 => $value_3){
                $set[$key]['attributes'] = escape_Colon($value_3) ;
            }
        }
    }

    $Array = array();
    $arr_str = '$Array' ;
    $arr_str_i = '$Array' ;
    $inc = 0 ;

    $level = 1 ;

    foreach($set as $key => $value) {
        if($set[$key]['level'] >= $level){
            $arr_str_i .= '[\''.$set[$key]['tag'].'\']' ;
            if(!preg_match('/^(\s)*$/', $set[$key]['value'])){
                $str = '$inc = '.$arr_str_i.'[\'increment\'] ;' ;
                eval($str) ;
                $str = $arr_str_i.'[\'value\'][\''.($inc?$inc:0).'\'] = \''.$set[$key]['value'].'\';' ;
                eval($str) ;
                $str = $arr_str_i.'[\'increment\']++ ;' ;
                eval($str) ;
            }
                foreach($set[$key]['attributes'] as $att_key => $att_value){
                    $str = $arr_str_i.'[\'attributes\'][\''.$att_key.'\'] = \''.$att_value.'\';' ;
                    eval($str) ;
                }

            if($set[$key+1]['level'] >= $level){
                $arr_str = $arr_str_i ;
            }
            }elseif($set[$key]['level'] == 1){
            $arr_str = '$Array' ;
            $arr_str_i = '$Array' ;
            $level = 1 ;
            $arr_str_i .= '['.$set[$key]['tag'].']' ;           
        }else{
            $level = $set[$key]['level'] ;
            $arr_str_i = $arr_str ;
        }

    $level++ ;
    }

    return $Array ;
}

?>

Upvotes: 0

Views: 262

Answers (2)

Rudu
Rudu

Reputation: 15892

It comes from JS, but it applies here: eval is evil, there's no reason you can't doing this directly instead of through eval.

On the other hand it sounds like the features of SimpleXML in php would be a better choice for you see simplexml_load_string.

Upvotes: 0

Tadeck
Tadeck

Reputation: 137310

Do not use eval(). As far as I see, everything from eval() can be replaced with the proper PHP code. For example:

$str = $arr_str_i.'[\'attributes\'][\''.$att_key.'\'] = \''.$att_value.'\';' ;
eval($str) ;

can be replaced with:

$Array['attributes'][$att_key] = $att_value;

so why do you want to complicate your life too much? IDE will help you (eg. by showing data types) if you just follow the usual, best way.

Upvotes: 2

Related Questions