error message evaluation system with PHP eval(

2019-09-18 09:45发布

站内文章 / PHP
23 0 0

问题:

I'm trying out a error message evaluation system but I havn't been able to get it to work to acctually be able to evaluate the system.

Can you see what is wrong with it?

    $errors     = array();
    $name       = '9';
    $familyname = 'family';
    $user       = '9user`';
    $postdata   = array('name' => $name,'familyname' => $familyname,'user' => $user);

    foreach($postdata as $key => $value)
    {
        switch($key)
        {
            case 'name':
                $rules = array
                (
                    'strlen($value)>1;'               => 'Your name is too short.',
                    'is_numeric(substr($value,0,1));' => 'Your name has to begin with a character.',
                    'has_specchar($value);'           => 'Your name contains illegal characters.'
                );

                foreach($rules as $rule => $error)
                {
                    if(eval($rule)) $errors[] = $error;
                }
                break;

            case 'familyname':
                break;

            case 'user':
                $rules = array
                (
                    'strlen($value)<5;'               => 'The username is too short.',
                    'is_numeric(substr($value,0,1));' => 'The username has to begin with a character.',
                    'has_specchar($value);'           => 'The username contains illegal characters.'
                );

                foreach($rules as $rule => $error)
                {
                    if(eval($rule))
                    // if(eval($rule)==1)
                    // if(eval($rule)===1)
                    // if(eval($rule)==true)
                    // if(eval($rule)===true)
                    // None of these have had an effect??!
                    {
                        $errors[] = $error;
                    }
                }
                break;

            default:
        }
    }
    print_r($errors);

    function has_specchar($x,$excludes=array())
    {

        if(is_array($excludes)&&!empty($excludes))
        {
            foreach($excludes as $exclude)
            {
                $x=str_replace($exclude,'',$x);        
            }    
        } 

        if(preg_match('/[^a-z0-9 ]+/i',$x))
        {
            return true;        
        }

        return false;

    }

This error array is empty even though I've entered data I know SHOULD trigger it to become an error??!

回答1:

From PHP documentation:

eval() returns NULL unless return is called in the evaluated code, in which case the value passed to return is returned. As of PHP 7, if there is a parse error in the evaluated code, eval() throws a ParseError exception. Before PHP 7, in this case eval() returned FALSE and execution of the following code continued normally. It is not possible to catch a parse error in eval() using set_error_handler().

http://php.net/manual/en/function.eval.php

Adding return to your rules keys seems to fix the problem.

    $rules = array
    (
        'return strlen($value)>1;'               => 'Your name is too short.',
        'return is_numeric(substr($value,0,1));' => 'Your name has to begin with a character.',
        'return has_specchar($value);'           => 'Your name contains illegal characters.'
    );


标签: php eval
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~