Cheap Web Hosting for Developers

84 Chapter 2 Advanced Syntax Figure 2.13 Input form of the dynamic function plotter. The first field takes the function that is to be plotted.This example makes the assumption that x is always the only variable this function depends on. In the second field, you can enter a bit of PHP code that will be executed prior to evaluating the function statement in order to allow assignments to constants (in our case, m and b). Warning The technique used here to directly execute PHP code with eval() supplied by the user should never (we repeat: never ever) be used like this in production scripts. Executing user code introduces a huge security hole into your programs, as everyone could send something like system( rm -r /* ); and delete all data your Web server has access to. It has been done this way here as we want to concentrate on dynamic code generation and execution; for an elaborate discussion about how to secure your scripts (and avoid execution of malicious code),see Chapter 4, Web Application Concepts, and Chapter 5, Basic Web Application Strategies. For now, you can simply click Parse. Figure 2.14 shows what will appear next. So how did the script get from the input form to this graphical output? Let s discuss the inner workings step by step. After you have submitted the input form, the script starts executing the else() clause of the main if() statement.The first function called is as follows: // translate input function to PHP code $parsed_function = parse_function($function_string); parse_function() creates the PHP code from the supplied user input by applying a regular expression to it.To make comfortable use of the math function,it s embedded into a small function, which just assigns the appropriate values to the constants (by referring to user input again) and then executing the math statement, returning the resulting value to the caller.

Note: If you are looking for good and high quality web space to host and run your application check Lunarwebhost PHP Web Hosting services