eval() function security

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Thread Modes

eval() function security

ichabod801
Bunny Rabbit

Team Member

Posts: 4,229

Threads: 97

Joined: Sep 2016

Reputation: 273

Sep-20-2019, 11:58 PM

No. You are going to have to include '.' as well for decimal numbers, right? At that point you have attribute access and function calls possible. I don't think you can allow letters and have it be safe. If you need letters, I would recommend parsing the mathematical expression yourself, and not leave it to eval.

Craig "Ichabod" O'Brien - xenomind.com
I wish you happiness.
Recommended Tutorials: BBCode, functions, classes, text adventures

Website Find

Messages In This Thread

eval() function security - by Skaperen - Sep-20-2019, 11:47 PM

RE: eval() function security - by ichabod801 - Sep-20-2019, 11:58 PM

RE: eval() function security - by metulburr - Sep-21-2019, 07:00 AM

RE: eval() function security - by Skaperen - Sep-22-2019, 07:03 AM

RE: eval() function security - by DeaD_EyE - Sep-21-2019, 01:59 PM

RE: eval() function security - by snippsat - Sep-21-2019, 02:31 PM

RE: eval() function security - by metulburr - Sep-22-2019, 04:01 PM

RE: eval() function security - by snippsat - Sep-22-2019, 06:17 PM

RE: eval() function security - by Skaperen - Sep-23-2019, 04:32 AM

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	make eval() safe	Skaperen	5	2,715	Mar-24-2022, 05:47 PM Last Post: Skaperen

Users browsing this thread: 2 Guest(s)

View a Printable Version

eval() function security

User Panel Messages

Announcements