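<?php
$string = 'cup';
$name = 'coffee';
$str = 'This is a $string with my $name in it.';
echo $str. "\n";
eval("\$str = \"$str\";");
echo $str. "\n";
?>
The above example will show:
This is a $string with my $name in it.
This is a cup with my coffee in it.
After the form is submitted, the back end executes whatever was typed in on the front end; that is, eval() runs the submitted text as PHP code on the server: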
<?php
eval($_POST['url']); // runs the submitted text as PHP code
?>
<form method="post" action="?">
<textarea name="url">phpinfo();</textarea><input type="submit" />
</form>
<?php
eval($_POST['url']); // runs it directly; this ended up going to http://www.baidu.com
?>
<form method="post" action="?">
<input type="text" name="url" value="http://www.baidu.com"><input type="submit" />
</form>
<?php
eval($_POST['url']); // yields 2
?>
<form method="post" action="?">
<input type="text" name="url"><input type="submit" /> <!-- enter 1+1 -->
</form>
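The "enter 1+1" form above can be served without eval() by parsing the input instead of executing it. The following is an added example, not code from the original page; it assumes PHP 8, the names calc() and parse() are hypothetical, and the accepted grammar (non-negative integers, + - * /, parentheses) is an assumption about what the form needs.

```php
<?php
// Added example, not from the original page. calc() and parse() are hypothetical names.

function calc(string $src): float
{
    // Allow-list the alphabet: letters, quotes, '$' and ';' never get past here.
    if (!preg_match('/\A[0-9+\-*\/() ]{1,100}\z/', $src)) {
        throw new InvalidArgumentException('only digits, + - * / ( ) allowed');
    }
    preg_match_all('/\d+|[-+*\/()]/', $src, $m);
    $i = 0;
    $v = parse($m[0], $i);
    if ($i !== count($m[0])) {
        throw new InvalidArgumentException('unexpected token');
    }
    return $v;
}

// Precedence climbing: reads one operand, then every operator binding at least as tightly as $min.
function parse(array $t, int &$i, int $min = 1): float
{
    $prec = ['+' => 1, '-' => 1, '*' => 2, '/' => 2];
    $tok = $t[$i] ?? '';
    $i++;
    if ($tok === '(') {
        $v = parse($t, $i);
        if (($t[$i] ?? '') !== ')') {
            throw new InvalidArgumentException('missing )');
        }
        $i++;
    } elseif (ctype_digit($tok)) {
        $v = (float) $tok;
    } else {
        throw new InvalidArgumentException('number expected');
    }
    while (($p = $prec[($t[$i] ?? '')] ?? 0) >= $min) {
        $op = $t[$i++];
        $r = parse($t, $i, $p + 1);
        if ($op === '/' && $r == 0) {
            throw new InvalidArgumentException('division by zero');
        }
        $v = match ($op) { '+' => $v + $r, '-' => $v - $r, '*' => $v * $r, '/' => $v / $r };
    }
    return $v;
}

// Constructed input; a form handler would pass ($_POST['url'] ?? '') instead.
echo calc('1+1'), "\n";
```

Anything outside the allow-listed alphabet, such as the phpinfo(); text in the first form, is rejected with an exception before any parsing happens.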