Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: How to do that with eval ?

by perlmonkey (Hermit)
on Apr 10, 2004 at 07:43 UTC ( #344099=note: print w/replies, xml ) Need Help??


in reply to How to do that with eval ?

Something like this is probably more what you are looking for:
my $sop = ... my $sport = ... while( <FH> ) { # get the 9th element my $port_a = (split /:/)[8]; # do the eval and capture the return value of comparison my $result = eval "\$port_a $sop \$sport"; # exit if eval failed die "eval error: $@" if $@; if( $result ) { # do something } else { # do something } }
You have to escape the variables you dont want eval to replace (string interpolate). And the "if" statement is redunant. You can just return the boolean value of the comparison.

Replies are listed 'Best First'.
Re: Re: How to do that with eval ?
by tachyon (Chancellor) on Apr 10, 2004 at 08:05 UTC
    $sop = ";print qq!You have been hacked rm -rf *!;";

    String eval + User Input == Shudder. Any. Arbitrary. Code.

    cheers

    tachyon

      Absolutely. If the above script was a cgi, you might as well reformat your disk now. If the script is meant to be a 'quick hack', evals work, they work well, and with minimal coding.

      I have used unsafe hacks like this for my personal dirty scripts because I dont have the time, inclination, or need to make them luser or h4x0r safe.

      As tachyon says, never use eval on user input unless this is intended to be a 'dirty quick hack'.
        >>"Absolutely. If the above script was a cgi, you might as well reformat your disk now. If the script is meant to be a 'quick hack', evals work, they work well, and with minimal coding."

        Hi,

        In the interests of clarity I'd be grateful if you could make it absolutely clear which of the "above" scripts you are referring to. I'm trying to learn and don't want to inadvertently misunderstand.

        Thanks

        Sid

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://344099]
help
Chatterbox?
[Your Mother]: Stick with what you know. Or post a SOPW and if it's not complicated I guarantee someone will answer; me if it's straightforward and no one else gets it better first.
[1nickt]: ++YourMother (Grammar Vigilante of Bristol)
[Lady_Aleena]: Um, how does grep do multiline? print "$file:$_" if grep { /get_(array|hash| data)\(.+\)/ } $_; only returns the same 18 lines the command line grep does.
[Lady_Aleena]: my scratchpad has what I have so far.
[choroba]: what do you mean by multiline?
[Discipulus]: thanks 1nickt!
[choroba]: grep is a filter, it selects elements from a list based on a boolean condition
[moritz]: you need to read the file in one go to do a multiline regex match
[erix]: ha ha, I like the Vigilante
[Lady_Aleena]: Forget it. I'm getting angry with it.

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (12)
As of 2017-05-23 19:49 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?