Differences

This shows you the differences between two versions of the page.

--- rfc:remove_preg_replace_eval_modifier [2012/02/05 15:08] – nikic
+++ rfc:remove_preg_replace_eval_modifier [2017/09/22 13:28] (current) – external edit 127.0.0.1
@@ Line 3: / Line 3: @@
   * Date: 2012-02-04
   * Author: Nikita Popov <nikic@php.net>
-  * Status: In Draft
+  * Status: Implemented
 ===== Summary =====
@@ Line 35: / Line 35: @@
 For example the above example can be used to execute arbitrary PHP code by passing the string
 ''<h1>{${eval($_GET[php_code])}}</h1>''. The evaluted code in this case would be
-''"<h1>" . strtoupper("{${eval($_GET[php_code])}}") . "</h1>"'' and as such execute any PHP code passed in the
+''%%"<h1>" . strtoupper("{${eval($_GET[php_code])}}") . "</h1>"%%'' and as such execute any PHP code passed in the
 ''php_code'' GET variable.
@@ Line 76: / Line 76: @@
 ''addslashes'' always escapes both quote types, but only one of them needs escaping (e.g. in double quoted strings
-only ''"'' should be escaped and in single quoted strings only ''''' should be escaped). This will result in one of
+only ''%%"%%'' should be escaped and in single quoted strings only ''''' should be escaped). This will result in one of
 the quote types to be overescaped. E.g. if ''<h1>Hallo 'World'</h1>'' is passed into the above function the result
 would be ''<h1>HALLO \'WORLD\'</h1>'' (note the additional backslashes).
@@ Line 102: / Line 102: @@
 replaced by a callback there would be no loss in functionality.
-The time line for deprecation and removal is subject to discussion.
+===== Vote =====
+The vote ended with 23 in favor and 4 against the proposal.
+===== Current state =====
+The ''/e'' modifier has been deprecated in trunk in http://svn.php.net/viewvc?view=revision&revision=323862. It will
+be removed at some later point in time.

Differences

Page Tools