Posted by Colin McKinnon on 05/10/05 11:26

Brian Olivier wrote:

> Hello,
>
> The first option is what I want, but the fact that I can't put code in
> the curlies in a string is what I wanted to know. I was hoping for a
> smart string, but I will program the intelligence outside of the
> string!
>
You seem to be trying to send code from one script to be executed in a
second - is that correct?

If so, look at 'eval' and 'create_function' which will do what you want, but
you should really think long & hard about how to implement this securely.
You certainly don't want to execute any code sent back from a browser.
Better ways of doing this would be:

1) don't do it at all
2) encrypt the code before sending it out to the browser / decrypt and
validate it before executing it
3) don't send it to the browser - store it in a session variable.

HTH

C.

• Next in forum: Re: set cookie in nusoap web service, IE behaves diff than Firefox
• Prev in forum: Re: Dynamic Form Update
• Thread view: Re: Use of isset () in a string variabel

[Reply to this message]