0

suppose I do this in php:


eval("\$answer=1--1;");

The expression 1--1 will lead to a syntax error in eval, my question is how do I detect the error and handle it gracefully? ie: catch error in eval and then print out a helpful message. Right now, it just spits out "Parse error: syntax error, unexpected T_DEC". Unfortunately, the php manual states that it is not possible to catch parse errors with the set_error_handler() function.

This is for a simple school assignment and they have suggested using "eval()". As the assignment is trivial, perhaps there is no need to worry about these rare cases.

Improve this question
1
  • 3
    Parse error should be resolved. Avoid eval Commented Mar 30, 2011 at 5:40

3 Answers 3

Reset to default
1
  1. Prepend the string with something like echo 'd41d8cd98f00b204e9800998ecf8427e';.
  2. Turn on output buffering.
  3. eval
  4. Get contents of the output buffer and delete it.
  5. Test whether the contents start with 'd41d8cd98f00b204e9800998ecf8427e'.

Alternatively, use the Parsekit.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

There are not a single reason to use eval for math equations.
As there are thousands math parsers around. Safe and maintainable.

Improve this answer

1 Comment

+1 - I agree with the Colonel on this.... don't use eval(), though he could have been more helpful and actually pointed you to a safe math parser... but +1 to offset whoever downvoted
0

By pre-pending @ symbol to eval to suppress the error output, and then by checking error_get_last():

$test = @eval($str);
if (error_get_last())
    var_dump(error_get_last());

Then, parse the PHP token referenced in the error message ('message' value, or T_DEC in your case) against the list: http://php.net/manual/en/tokens.php

However, certain parse errors may fail your entire script, such as calling undefined functions. And, because you suppressed the error output, the failure won't appear in your logs. Basically: avoid eval for anything other than an amusing toy to pass the time.

Edit: I was going by the assumption "\$answer=1--1;" is not really the value you want to check (just too obvious), but just a test example of what kinds of strings you might be passing to eval. If it is really, you should just fix it right there. But if you want to pass and check any string at all in eval, then the above will help.

Improve this answer

5 Comments

And the accepted solution is to exaccerbate the original problem using a bad method, by using yet another bad method.
@Mark Baker: Not every context is evil. The context could be making your own interactive shell just for learning purposes for all we know. "Basically: avoid eval for anything other than an amusing toy to pass the time." And as OP stated: "As the assignment is trivial, perhaps there is no need to worry about these rare cases."
My concern is that this is a school assignment, and it's the school that has suggested the use of eval(). If schools teach bad habits like this, then surely the onus is for online development communities like SO to do so, rather than to promulgate bad habits still further
@Mark Baker: do you have a suggestion for a simple way to evaluate an arithmetic expression stored as a string in PHP? The weight on this assignment is very minor and I'm betting that eval() was suggested just because it's the quickest way to complete the problem.
@DamonKashu - I would suggest the evalmath class from PHPClasses phpclasses.org/package/… which has a few flaws, but generally provides a good sandbox for parsing and evaluation mathematical formulae

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.