Welcome Guest, Not a member yet? Register   Sign In
eval code injection

(This post was last modified: 04-23-2020, 10:46 AM by jreklund.)

Hi all

If I disabled eval function in \system\core\Loader.php in CI (v3.1.10) will it affect any area in the application as eval is vulnerable to code injection

Any help would be appreciated.

Thank you.

(This post was last modified: 04-23-2020, 10:48 AM by jreklund.)

You can disable eval() (in you php.ini) without any issue, as long as you have programmed your application without short tags.

PHP Code:
| Rewrite PHP Short Tags
| If your PHP installation does not have short tag support enabled CI
| can rewrite the tags on-the-fly, enabling you to utilize that syntax
| in your view files.  Options are TRUE or FALSE (boolean)
| Note: You need to have eval() enabled for this to work.
$config['rewrite_short_tags'] = FALSE


Theme © iAndrew 2016 - Forum software by © MyBB