Re: [PHP] Parsing database variables
- From: jochem@xxxxxxxxxxxxx (Jochem Maas)
- Date: Sat, 31 Mar 2007 19:22:14 +0200
Chris Boget wrote:
But this is a much better way of doing this than using eval(). eval is an evil little function!
eval() isn't so bad if you have absolute, total and complete control
over the data you are pulling or using.
it remains bad if there is another way to do the same thing. eval() is the
machete you use as the last resort when you're backed into the corner by a group
of hungry zombies ... unless you have a zombie problem keep your machete holstered ;-)
having absolute, total and complete control over the input to eval() is the
entry price for even thinking of using it.
ok this is slight scaremongering but the fact remains: eval() is capable of
causing you serious damage and it's also comparatively slow!
But once someone else becomes
involved (particularly the front end user), you are probably better off
looking at alternatives.
thnx,
Chris