http://www.tetraboy.com/ Five nines of awesome. en http://www.tetraboy.com/templates/default/img/s9y_banner_small.png http://www.tetraboy.com/ 100 21 http://www.tetraboy.com/archives/7-The-Internet-Sends-Me-Bacon.html I really love bacon, please send me some. http://www.tetraboy.com/archives/6-EvalDont-be-evil.html <blockquote>If <a href="http://www.php.net/eval" >eval()</a> is the answer, then you are asking the wrong question.</blockquote><br /> <br /> You may have heard that quote or one like it before. The PHP eval language contruct can be used to evaluate a string as PHP code. Mix in some user input, and it's easy to see why you are told to stay far away from eval(). <br /> <br /> Like any good little PHP coder would, I listen to this and will never use eval. But, what if I can't figure out a better question, and the answer keeps coming up as a eval()?!? What ever shall I do? Evil() to the rescue!<br /> <br /> <b>Twitter/IM/IRC version:</b><br /> <code><br /> &lt;?php function evil($c){$f=tempnam('','');file_put_contents($f,"&lt;?php\n".$c."\n?&gt;");include($f);}evil('echo "DIE WORLD!";'); ?&gt;<br /> </code><br /> <br /> Now I can easily evil() any code I want, without using eval!