I have some code that looks like this.
eval('$ruleTrue = '."{$value} {$operator} {$value2};");
I am pulling mostly numeric values from a database and comparing them with other numeric values. The operator comes from a database as well. Possible operators are <,>,==.
Well, when comparing ints and floats this works perfectly. BUT when comparing strings it breaks. For instance:
WORKS:
5 > 4
$ruleTrue = true
Doesn’t Work Right:
John-Adams == Alice
$ruleTrue = true <— WHY? Because John is not == to Alice.
For some reason my $ruleTrue variable is being returned as true when comparing strings.
You’re trying to evaluate this code:
John and Alice aren’t strings, they’re undefined constants. You want to put quotes around them. But be careful, because if your users are able to edit those fields in your database, they could find a way of unquoting the strings and executing their own PHP code, which could be disastrous. Eval is very unsecure that way, and you probably shouldn’t be using it.
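One way to run the same comparison without eval, as an added example that is not part of the original question or answer: the operator is looked up in a fixed allowlist and the operands are only ever treated as data. The function name `ruleIsTrue` and the sample rows are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Evaluate "$left $operator $right" without eval().
 * ruleIsTrue is a hypothetical helper name, not from the original post.
 */
function ruleIsTrue(string $left, string $operator, string $right): bool
{
    // Allowlist of the three operators the question mentions.
    $comparators = [
        '<'  => fn($a, $b): bool => $a < $b,
        '>'  => fn($a, $b): bool => $a > $b,
        '==' => fn($a, $b): bool => $a === $b,
    ];

    // Anything outside the allowlist is rejected, never executed.
    if (!isset($comparators[$operator])) {
        throw new InvalidArgumentException("Unsupported operator: {$operator}");
    }

    // Compare as numbers only when both operands are numeric;
    // otherwise compare them as plain strings.
    if (is_numeric($left) && is_numeric($right)) {
        $a = (float) $left;
        $b = (float) $right;
    } else {
        $a = $left;
        $b = $right;
    }

    return $comparators[$operator]($a, $b);
}

// Constructed sample rows standing in for values read from the database.
$rows = [
    ['5', '>', '4'],
    ['John-Adams', '==', 'Alice'],
    ['4.0', '==', '4'],
    ['1; phpinfo()', '==', '1'], // code-like text stays an ordinary string
];

foreach ($rows as [$value, $operator, $value2]) {
    $result = var_export(ruleIsTrue($value, $operator, $value2), true);
    printf("%s %s %s => %s\n", $value, $operator, $value2, $result);
}
```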