Jump to content

eval?

ejaboneta

By ejaboneta
in PHP Coding Help

 Share

Recommended Posts

ejaboneta Regular Member

ejaboneta

Posted
Posted

I've read that eval is horrible and whatnot but I don't really understand it. I've found it to be very useful.

 

I've been working on a project and I decided that a the page that I've been working on needs different functions depending on the users choice. Instead of storing all the functions in php files, I am putting the codes in the database to be used when called. That's where the eval comes in. Users would not be able to input anything into this table on the database. Is this a bad idea and why?

Link to comment
Share on other sites
GingerRobot Regular Member

GingerRobot

Posted
Posted

So you're storing these functions in the database but they're never modified? There's no real security risk there. However, it is going to be inefficient - apart from anything else, you have to perform a query before you can execute the function. I don't understand why you thought storing the functions in a database rather than in your file would be better?

Link to comment
Share on other sites
jonem Newbie

jonem

Posted
Posted

Hi,

 

I have problem with the eval() function and could use som help.

 

I wish to have functions in an actual .php file but then I want to call this function from either code stored in a variable or in MySQL (I guess its about the same?)

 

I have tried with this but cant get it to work.

----

$vpage='fAVINPicture(\'pics/\', \'bild2.jpg\', \'This is a picure of a giraff\', \'\', \'\', $WapVersion);';

 

echo $vtest = eval($vpage);

----

$vpage is where I intend to store the code I want executed and then I try to get it executed below. 

 

the function fAVINPicture() creates HTML code to show a picture depending on the variables sent to it.

 

Please help! :-)

 

Best regards -Jon

Link to comment
Share on other sites
jonem Newbie

jonem

Posted
Posted

Hi,

 

I tried this

-----------

$vpage2='call_user_func(\'fAVINPicture\', \'pics/\', \'bild2.jpg\', \'This is a picure of a giraff\', \'\', \'\', $WapVersion);';

 

$vtest = eval($vpage2);

 

echo $vtest;

---------------

 

No luck. :-(

 

How should I go about this?

 

Many thanks - Jon

 

Link to comment
Share on other sites
GingerRobot Regular Member

GingerRobot

Posted
Posted

Try this:

 

$vpage2= call_user_func('fAVINPicture', 'pics/', 'bild2.jpg', 'This is a picure of a giraff', '', '', $WapVersion);
echo $vpage2 //assuming your function does actually return a value?

 

call_user_func() is a normal function. You need to call it in the normal way. If you place a function name inside quotes, it doesn't get called.

Link to comment
Share on other sites
ejaboneta Regular Member

ejaboneta

Posted
  • Author
Posted

So you're storing these functions in the database but they're never modified? There's no real security risk there. However, it is going to be inefficient - apart from anything else, you have to perform a query before you can execute the function. I don't understand why you thought storing the functions in a database rather than in your file would be better?

 

 

Well there probably is a better way to do this but here's why...

 

I'm making a game and the part of the site I'm talking about is a battle system. I want to have many different moves that do different things. For example, a simple attack would subtract points from the other player based on both players stats and the strength of the attack. But I have a problem because there are other moves that do stuff like make the next player miss a turn, alter the stats of the players for the rest of fight or just that turn, etc. Since the moves are stored in the database anyways, I thought it'd be more convenient to add an extra column and store specific code in there.

 

What do you think?

Link to comment
Share on other sites
ejaboneta Regular Member

ejaboneta

Posted
  • Author
Posted

What I'm saying is that I'm going to have dozens of moves, half of which I can do with one script but the rest require custom combinations of functions. I'm not actually storing the functions in the database, just which functions to call.

 

For example, "bite" would do the following, call the speed function(to determine a hit or miss), and call the damage function(to determine damage based on defense, strength), and then a final script to execute the damage and set the message variable that would be displayed.

 

The more advanced moves like "Jump" would do nothing on the players side but make the opponents move miss. "Pounce" would call a function that alters speed stat for just one move, and then call the speed and damage functions. Some others would call the damage script twice for multiple hits in one move or skip a few turns to build their strength.

 

If there is a better way, I am open to ideas. I just want to make sure I understand how to do things.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.