I would like to use eval() to evaluate another PHP file and store the output of that file in a string.
Personally, I try to avoid using eval(). It can be very useful, but there are also potential security issues depending on your setup. Based on what you said in another post, suppose someone can execute an INSERT command for your database and replaces the code for colors.php?
So, let's say, for example, that I have a file called colors.php which contains this:
<p>Colors: <? echo "Red, Yellow, Green, Blue"; ?></p>
You might use return instead. Something like: /** colors.php */ <?php
$colors = array('Red', 'Yellow', 'Green', 'Blue');
return $colors;
?>/** another file */ <?php
$colors = include_once 'colors.php';
?>
This works because included files can use return to return values. http://www.php.net/return
Then, in another file, I have this:
$file = file_get_contents( "colors.php" ); $colors = eval( $file );
I'm having problems getting $file into $colors. How can I do this?
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
