.. _structures-evalwithouttry: .. _eval()-without-try: eval() Without Try ++++++++++++++++++ ``eval()`` emits a ``ParseError`` `exception `_ with PHP 7 and later. Catching this `exception `_ is the recommended way to handle errors when using the ``eval()`` function. Note that it will catch situations where ``eval()`` is provided with code that can't be used, but it will not catch security problems. Avoid using ``eval()`` with incoming data. .. code-block:: php Connex PHP features ------------------- + `eval `_ Suggestions ___________ * Always add a try/catch block around eval() call Specs _____ +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Short name | Structures/EvalWithoutTry | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Rulesets | :ref:`All `, :ref:`Analyze `, :ref:`CE `, :ref:`CI-checks `, :ref:`Changed Behavior `, :ref:`Security ` | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Exakat since | 0.8.4 | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | PHP Version | With PHP 7.0 and more recent | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Severity | Critical | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Time To Fix | Quick (30 mins) | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Changed Behavior | PHP 7.0 - `More `__ | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Precision | Very high | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Examples | :ref:`case-fuelcms-structures-evalwithouttry`, :ref:`case-expressionengine-structures-evalwithouttry` | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Related rule | :ref:`could-use-try` | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Available in | `Entreprise Edition `_, `Community Edition `_, `Exakat Cloud `_ | +------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+