I am trying to use the eval() function in PHP, but one of my variables (ppi) has a dollar symbol in it.
$operation = "*";
$cname = mysqli_real_escape_string($link, $_REQUEST['cname']);
$to = mysqli_real_escape_string($link, $_REQUEST['email']);
$prod = mysqli_real_escape_string($link, $_REQUEST['prod']);
$desc = mysqli_real_escape_string($link, $_REQUEST['desc']);
$ppi = mysqli_real_escape_string($link, $_REQUEST['ppi']);
$items = mysqli_real_escape_string($link, $_REQUEST['items']);
$total = mysqli_real_escape_string(eval('return '.$ppi.$operation.$items.';'))
Although simplified, the equivalent could be:
$operation = "*";
$cname = mysqli_real_escape_string($link, $_REQUEST['cname']);
$to = mysqli_real_escape_string($link, $_REQUEST['email']);
$prod = mysqli_real_escape_string($link, $_REQUEST['prod']);
$desc = mysqli_real_escape_string($link, $_REQUEST['desc']);
$ppi = '$10';
$items = '5';
$total = mysqli_real_escape_string(eval('return '.$ppi.$operation.$items.';'))
Whenever I try to run this code though, I always get a HTTP error 500.
Thank you in advanced,
Jack
Aucun commentaire:
Enregistrer un commentaire