[pLog-svn] php security scanner
Oscar Renalias
oscar at renalias.net
Tue Jul 4 22:39:13 GMT 2006
Interesting comments... I will try to look at all these, unless
somebody else looks at them before I do :-)
On 7/4/06, Jon Daley <plogworld at jon.limedaley.com> wrote:
> Is this eval necessary? Couldn't it just be written something like:
> $this->_$key = $parts["$key"];
> Is there any advantage using the eval?
> (I try to avoid evals and execs for general paranoia)
>
> url.class.php:
> function _calculateFields() {
> $parts = parse_url( $this->_url );
> $keys = Array( "scheme", "host", "port", "user", "pass",
> "path", "query", "fragment" );
>
> // this saves us time ;)
> foreach( $keys as $key ) {
> if (isset($parts[$key])) {
> $line = "\$this->_$key = \$parts[\"$key\"];";
> eval($line);
> }
> }
> }
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
More information about the pLog-svn
mailing list