0

Is there any other way to parse the file without eval()? I'm trying to render the php code without using php tags inside index.gs and so far i can do it only with eval(). The problem is not only to parse vars, but custom template characters.

here is the sample of code below.

 $render = file_get_contents($this->file);

 $render = $this->parse_extends($render);
 $render = $this->parse_assets($render);
 $render = $this->parse_vars($render);
 $render = $this->parse_vars_skip($render);

  try {
        ob_start();
        eval('?>' . $render);
        $render = ob_get_contents();
    } finally {
        ob_get_clean();
    }
    return $render;

The return $render - return to View::class code for response

Improve this question
2
  • 1
    "I'm trying to render the php code without using php tags" – why…? Commented Nov 23, 2017 at 12:07
  • Maybe highlight_file php.net/manual/en/function.highlight-file.php is what you are looking for? Commented Nov 23, 2017 at 12:10

1 Answer 1

Reset to default
1

If the allow_url_include directive is enabled in php.ini, then it’s possible to execute this code using

include "data://text/plain;base64," . base64_encode($render);

but this setting is disabled by default, and cannot be changed within user code, but only through editing the php.ini file; so unless explicitly enabled in php.ini (and there normally isn’t any good reason why it should be), then it isn’t really an option.

An alternative is to create a temporary file, write the code there, and then execute it using include:

$tempFilename = tempnam("/tmp", "MyTemplate");
file_put_contents($tempFilename, $render);
include $tempFilename;
unlink($tempFilename);

But both have similar issues and dangers to eval().

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Yes I already tried second way, but it was not good if you have only layout.master.gs and index.gs then yes but if you yield other files or include then it's not good
The second one is honestly just eval but using the filesystem instead of RAM to store the code to be evaluated, which is kinda silly ;)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.