Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Hey guys, you won't believe what happaned to me, I left my laptop open in a hacker coffee shop and went to take a piss, and when I returned I fou d out that someone stole all my crypto CockRingCoin 😭😭 I lost a million and a half Shekels but then remembered my brother has a cousin who knows a lawyer who's wife is a friend with a wolf who knows a real matrix hacker who can hack CIA using only his toes, I contacted him and you wouldn't believe it but he got all of my cock coins back to me, I don't know what I would've done without him. If anybody needs help recovering crypto I can more than reccomend my dear holy saviour LeHackerCockSucker
WhatsApp: +972-50-EATMYASS-0
Email: ciahacker@cock.gov
But then as I was happily looking at my crypto returned I notice a few payments I don't rwmember making, turns out, my wife was cheating on me! And using my crypto to buy her lover stuff!
So I contacted the afformentioned lawyer who's a friend of the cousin that my brother has, and he helped me file for divorce and punish my cheating wife, for anybody needing a marriage lawyer:
WhatsApp: +972-54-DeliciousPussy-6
Email: eatmypussy@lawyers.porn
I am now happily married with the wolf who's the friend of the lawyer's wife and he fucks me in the ass every night. If you want a good life like mine you know who to call.6 -
The dangers of PHP eval()
Yup. "Scary, you better make use of include instead" — I read all the time everywhere. I want to hear good case scenarios and feel safe with it.
I use the eval() method as a good resource to build custom website modules written in PHP which are stored and retrieved back from a database. I ENSURED IS SAFE AND CAN ONLY BE ALTERED THROUGH PRIVILEGED USERS. THERE. I SAID IT. You could as well develop a malicious module and share it to be used on the same application, but this application is just for my use at the moment so I don't wanna worry more or I'll become bald.
I had to take out my fear and confront it in front of you guys. If i had to count every single time somebody mentions on Stack Overflow or the comments over PHP documentation about the dangers of using eval I'd quit already.
Tell me if I'm wrong: in a safe environment and trustworthy piece of code is it OK to execute eval('?>'.$pieceOfCode); ... Right?
The reason I store code on the database is because I create/edit modules on the web editor itself.
I use my own coded layers to authenticate a privileged user: A single way to grant access to admin functions through a unique authentication tunnel granting so privileged user to access the editor or send API requests, custom htaccess rules to protect all filesystem behind the domain root path, a custom URI controller + SSL. All this should do the trick to safely use the damn eval(), is that right?!
Unless malicious code is found on the code stored prior to its evaluation.
But FFS, in such scenario, why not better fuck up the framework filesystem instead? Is one password closer than the database.
I will need therapy after this. I swear.
If 'eval is evil' (as it appears in the suggested tags for this post) how can we ensure that third party code is ever trustworthy without even looking at it? This happens already with chrome extensions, or even phone apps a long time after reaching to millions of devices.11
Top Tags
Weekly Rant
View