If eval() is the answer, then you are asking the wrong question.
You may have heard that quote or one like it before. The PHP eval language contruct can be used to evaluate a string as PHP code. Mix in some user input, and it's easy to see why you are told to stay far away from eval().
Like any good little PHP coder would, I listen to this and will never use eval. But, what if I can't figure out a better question, and the answer keeps coming up as a eval()?!? What ever shall I do? Evil() to the rescue!
Twitter/IM/IRC version:
<?php function evil($c){$f=tempnam('','');file_put_contents($f,"<?php\n".$c."\n?>");include($f);}evil('echo "DIE WORLD!";'); ?>
Now I can easily evil() any code I want, without using eval!
