diff options
| author | Steven Wittens <steven@10.no-reply.drupal.org> | 2004-09-16 16:12:21 +0000 |
|---|---|---|
| committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2004-09-16 16:12:21 +0000 |
| commit | aded5841029c0639dd5c9da1bb5c779beda76abf (patch) | |
| tree | 0022d38d67f10ecb7de9620f9905fd6f32f79db8 /includes | |
| parent | c4403eed121c115aa78bd35efce4b0197e96b55c (diff) | |
| download | brdo-aded5841029c0639dd5c9da1bb5c779beda76abf.tar.gz brdo-aded5841029c0639dd5c9da1bb5c779beda76abf.tar.bz2 | |
Adding a note about drupal_eval() acting like a variable sandbox.
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/includes/common.inc b/includes/common.inc index 445344f5c..bc9cac4eb 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -1861,6 +1861,9 @@ function mime_header_encode($string, $charset = 'UTF-8') { * <?php ?> tags; in other words, we evaluate the code as if it were a stand-alone * PHP file. * + * Using this wrapper also ensures that the PHP code which is evaluated can not + * overwrite any variables in the calling code, unlike a regular eval() call. + * * @param $code * The code to evaluate. * @return |