On 19/08/11 03:57, Dave Reisner wrote:
This is a safety measure to prevent simple code injection.

$ i="foo bar"
$ eval i="$i"
bash: bar: command not found
$ eval i='$i'
$ echo "|$i|"
|foo bar|

Signed-off-by: Dave Reisner<[email protected]>


No signoff... with single quotes it does not actually do the variable substitutions which is the whole point.

> _ver=1.8.2
> i='${_ver/[a-z]/.${_ver//[0-9.]/}}'
> echo $i
${_ver/[a-z]/.${_ver//[0-9.]/}}

> eval i='$i'
> echo $i
${_ver/[a-z]/.${_ver//[0-9.]/}}


> eval i="$i"
> echo $i
1.8.2


So what is really needed is:
eval i=\"$i\"

Allan
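
The three quoting forms compared in this thread, as an added example that is not part of either message. The function names are hypothetical, and the sample values (a two-word value whose second word is a nonexistent command name, and a POSIX expansion of `_ver` in place of the bash substitution quoted above) are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample data; _ver mirrors the variable used in the reply.
_ver=1.8.2

# eval i="$i": the shell strips the quotes first, so eval parses  i=<value>
# and a space in the value splits it into an assignment plus a command.
eval_plain() {
    i=$1
    eval i="$i" 2>/dev/null || return 1
    printf '%s\n' "$i"
}

# eval i='$i': eval parses the literal text  i=$i , which copies the
# value unchanged; expansions stored inside the value are never evaluated.
eval_single() {
    i=$1
    eval i='$i' || return 1
    printf '%s\n' "$i"
}

# eval i=\"$i\": eval parses  i="<value>" , so spaces stay inside the
# assignment and expansions inside the value are evaluated.
eval_escaped() {
    i=$1
    eval i=\"$i\" || return 1
    printf '%s\n' "$i"
}

# Run every form against every constructed sample value.
demo() {
    for value in 'foo no_such_command_demo' '${_ver%.2}'; do
        for form in eval_plain eval_single eval_escaped; do
            if out=$("$form" "$value"); then
                printf '%-13s %-26s -> %s\n' "$form" "$value" "$out"
            else
                printf '%-13s %-26s -> failed\n' "$form" "$value"
            fi
        done
    done
}

demo
```

The escaped-quote form evaluates any expansion stored in the value, command substitution included, and a double quote inside the value ends the quoting early, so it fits only values whose source is trusted.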


