eval is a function available in a number of programming languages (including PHP, Ruby, Python, Bash and JavaScript, among others), which allows programmers to execute arbitrary code written in the same language from a string variable within a program.
Documentation
Disadvantages
Use of the eval function is generally considered to be bad practice, for a number of reasons:
Most importantly, it can cause severe security issues in any code that uses eval. Because eval will run any code in its host language, an attacker may use an eval statement to run their own code, and thus compromise the system. To minimize the effect, the programmer has to verify the syntax of the statement that is to be evaluated.
Secondly, it is slow. Most languages, even interpreted ones such as PHP and JavaScript, have built-in optimisers and just-in-time compilers to speed up execution. However, code run via an eval statement cannot be optimised, as the interpreter cannot know the exact code that will be run until it is too late to run any optimisations.
Finally, in almost all cases, use of eval is unnecessary, as the desired effect can almost always be achieved without needing to use it.