On 8/14/05, Kripa Sundar <[EMAIL PROTECTED]> wrote: > Dear fellow mongers, > > I saw a friend using an eval() where it was unnecessary. Of course, > eval() is a valuable tool, with many valid uses. But in this specific > instance, it was truly unnecessary, and so I advised him to eliminate > the eval(). (The code he used was "eval $string", where the value of > $string was known at compile-time.) > > He wrote back: > > > Why? What is wrong with eval other than security problems. It is a > > script which is used internally so I do not think there is any problem > > with that. [...] > > That set me thinking. > > I could think of three problems with eval(), and replied to him with > the three points below. Please let me know if I have gotten anything > wrong below. Also, if you can think of more eval() concerns, please > help me learn. TIA.
Additional issues. If you use an eval and do not check $@, your errors are swallowed. Also getting code with eval right is more difficult than equivalent code using other techniques. Cheers, Ben _______________________________________________ Boston-pm mailing list [email protected] http://mail.pm.org/mailman/listinfo/boston-pm
