How to use PHP eval () safely?

problem description

this function is useful for code storage in the database text field for later calculation.

this kind of requirement is encountered in the current project. If you use eval, what checks are required to ensure maximum security?

related codes

$result = [];
$code_from_db = "return function($var1_in_code, $var2_in_code);";
foreach ($datas as $data) {
   $var1_in_code = $data->d1;
   $var2_in_code = $data->d2;
   $result[] = eval($code_from_db);
}
return $result;
Php
Aug.27,2021


puts forward the content of string, and then rewrites the manual calculation.

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1e60e43-4cfee.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1e60e43-4cfee.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?