Executing PHP Code at Run-Time
Image may be NSFW.
Clik here to view.
In this Post we are going to discuss about one of the interesting functions of PHP. The eval() function.It can execute PHP code from inside scripts. This means, the eval() function can evaluate PHP code at run-time.
eval("echo 'hello';"); Which is equivalent to: echo 'hello';
One more example:
<?php $n=10; $code=''; for($i=0;$i<$n;$i++) $code.="echo $i;"; eval($code); ?>
Here the code to be evaluated is generated at run-time too.
The code to be evaluated could be stored somewhere (like in a file or in database) and later can be retrieved and evaluated.
As an another example, I’m providing the source code which would create a page that could be used to run PHP code. It’d provide a HTML textarea for you to type in the code which would then be executed and displayed.
Warning : This kind of page is extremely vulnerable and an open invitation to hackers as anybody can use it to execute code on the server it is put in. so DON’T put this onto your server. It’d also be advisable to get off the internet before even trying it on your local server and delete the file afterwards Because hackers trying to access even local servers Using This Code !!!
Code :
<?php echo "<?xml version="1.0" encoding="iso-8859-1"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CodingTalks - Run PHP code using Eval </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<h2>Run Script</h2>
<form name="form1" id="form1" method="get" action="">
<p>
<textarea name="code" cols="50" rows="15" id="code"></textarea>
</p>
<p>
<input type="submit" name="Submit" value="Execute!" />
</p>
</form>
<p><strong>Output:<br />
-----------</strong></p>
<?php
if(isset($_GET['Submit']))
{
$code=$_GET['code'];
eval($code);
}
?>
Image may be NSFW.
Clik here to view.
The post Executing PHP Code at Run-Time appeared first on CodingTalks.