eval(3) [php man page]

EVAL(3) 								 1								   EVAL(3)

eval - Evaluate a string as PHP code

SYNOPSIS

       mixed eval (string  $code)

DESCRIPTION

	Evaluates the given $code as PHP.

       Caution

	       The  eval(3)  language construct is very dangerous because it allows execution of arbitrary PHP code.  Its use thus is discouraged.
	      If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any  user
	      provided data into it without properly validating it beforehand.

PARAMETERS

	      o $code
		- Valid PHP code to be evaluated.  The code mustn't be wrapped in opening and closing PHP tags, i.e.  'echo "Hi!";' must be passed
		instead of '<? echo "Hi!"; >'. It is still possible to leave and reenter PHP mode though using	the  appropriate  PHP  tags,  e.g.
		'echo  "In  PHP  mode!";  ?>In	HTML  mode!<? echo "Back in PHP mode!";'.  Apart from that the passed code must be valid PHP. This
		includes that all statements must be properly terminated using a semicolon.  'echo "Hi!"' for example will cause  a  parse  error,
		whereas 'echo "Hi!";' will work.  A return statement will immediately terminate the evaluation of the code.  The code will be exe-
		cuted in the scope of the code calling eval(3). Thus any variables defined or changed in the  eval(3)  call  will  remain  visible
		after it terminates.

RETURN VALUES

       eval(3)	returns  NULL  unless  return is called in the evaluated code, in which case the value passed to return is returned. If there is a
       parse error in the evaluated code, eval(3) returns FALSE and execution of the following code continues normally.  It  is  not  possible	to
       catch a parse error in eval(3) using set_error_handler(3).

EXAMPLES

       Example #1

	      eval(3) example - simple text merge

	      <?php
	      $string = 'cup';
	      $name = 'coffee';
	      $str = 'This is a $string with my $name in it.';
	      echo $str. "
";
	      eval("$str = "$str";");
	      echo $str. "
";
	      ?>

	      The above example will output:

	      This is a $string with my $name in it.
	      This is a cup with my coffee in it.

NOTES

       Note

	      Because this is a language construct and not a function, it cannot be called using variable functions.

       Tip

	      As  with anything that outputs its result directly to the browser, the output-control functions can be used to capture the output of
	      this function, and save it in a string (for example).

       Note

	       In case of a fatal error in the evaluated code, the whole script exits.

SEE ALSO

       call_user_func(3).

PHP Documentation Group 														   EVAL(3)

STRIP_TAGS(3)								 1							     STRIP_TAGS(3)

strip_tags - Strip HTML and PHP tags from a string

SYNOPSIS

       string strip_tags (string  $str, [string  $allowable_tags])

DESCRIPTION

	This  function	tries to return a string with all NULL bytes, HTML and PHP tags stripped from a given $str. It uses the same tag stripping
       state machine as the fgetss(3) function.

PARAMETERS

	      o $str
		- The input string.

	      o $allowable_tags
		- You can use the optional second parameter to specify tags which should not be stripped.

	      Note

		      HTML comments and PHP tags are also stripped. This is hardcoded and can not be changed with $allowable_tags.

	      Note

		      This parameter should not contain whitespace. strip_tags(3) sees a tag as a case-insensitive string between < and the  first
		     whitespace or >.

	      Note

		      In  PHP  5.3.4 and later, you will also need to include the self-closing XHTML tag to strip these from $str. For example, to
		     strip both <br> and <br/>, you should use:

		     <?php
		     strip_tags($input, '<br><br/>');
		     ?>

RETURN VALUES

	Returns the stripped string.

CHANGELOG

       +--------+---------------------------------------------------+
       |Version |						    |
       |	|						    |
       |	|		     Description		    |
       |	|						    |
       +--------+---------------------------------------------------+
       | 5.3.4	|						    |
       |	|						    |
       |	| strip_tags(3) no longer strips self-closing XHTML |
       |	| tags	unless	the  self-closing XHTML tag is also |
       |	| given in $allowable_tags.			    |
       |	|						    |
       | 5.0.0	|						    |
       |	|						    |
       |	|	  strip_tags(3) is now binary safe.	    |
       |	|						    |
       +--------+---------------------------------------------------+
EXAMPLES

       Example #1

	      strip_tags(3) example

	      <?php
	      $text = '<p>Test paragraph.</p><!-- Comment --> <a href="#fragment">Other text</a>';
	      echo strip_tags($text);
	      echo "
";

	      // Allow <p> and <a>
	      echo strip_tags($text, '<p><a>');
	      ?>

	      The above example will output:

	      Test paragraph. Other text
	      <p>Test paragraph.</p> <a href="#fragment">Other text</a>

NOTES

       Warning

	       Because strip_tags(3) does not actually validate the HTML, partial or broken tags can result in the removal of more text/data  than
	      expected.

       Warning

	       This  function does not modify any attributes on the tags that you allow using $allowable_tags, including the style and onmouseover
	      attributes that a mischievous user may abuse when posting text that will be shown to other users.

       Note

	       Tag names within the input HTML that are greater than 1023 bytes in length will be treated as though they are  invalid,	regardless
	      of the $allowable_tags parameter.

SEE ALSO

       htmlspecialchars(3).

PHP Documentation Group 													     STRIP_TAGS(3)