CODEWITHSUNDEEP
phpcreate-function
Batuhan
Batuhan

Reputation: 11

how to fix deprecated create_function error

i got this error:

Function create_function() is deprecated in shipping.php

private function calculate_string( $mathString ) {
    $mathString = trim($mathString);     // trim white spaces
    $mathString = preg_replace ('[^0-9\+-\*\/\(\) ]', '', $mathString);    // remove any non-numbers chars; exception for math operators
    $compute = create_function("", "return (" . html_entity_decode($mathString) . ");" );
    return 0 + $compute();

as far as i found out, create_function is useless now. I considered all the suggestions on the web and came to the following conclusion

private function calculate_string( $mathString ) {
    $mathString = trim($mathString);     // trim white spaces
    $mathString = preg_replace ('[^0-9\+-\*\/\(\) ]', '', $mathString);    // remove any non-numbers chars; exception for math operators
    $compute = function() {
      return (" . html_entity_decode($mathString) . ");
    };
    return 0 + $compute();

but this time it gives this error:

Undefined variable: mathString in shipping.php on line 1592 Warning: A non-numeric value encountered in shipping.php

Also i tried return part like this ways but it is not working

      return html_entity_decode($mathString);
      return $html_entity_decode($mathString);

Where am I going wrong? Can you help me please?

Upvotes: 0

Views: 916

Answers (1)

Barmar
Barmar

Reputation: 782148

Use an anonymous function with eval().

$compute = function() use ($mathString) { eval("return (" . html_entity_decode($mathString) . ");"; }

You need the use option to make the variable available in the function.

Actually, there's no need for the function in the first place. You can just use eval() directly.

private function calculate_string( $mathString ) {
    $mathString = trim($mathString);     // trim white spaces
    $mathString = preg_replace ('[^0-9\+-\*\/\(\) ]', '', $mathString);    // remove any non-numbers chars; exception for math operators
    eval('return 0 + (' . html_entity_decode($mathString) . ');')
}

I have a feeling the original programmer either didn't know how to use eval(), or heard the advice that eval() is dangerous. But creating a function with the dynamic content is just as dangerous.

Upvotes: 2

Related Questions