i have a file with below data
this is a text file with html format $testarray['G']
i use this script but it is not work properly.
<?php $testarray=array();
$testarray['G']=100;
$result222 =file_get_contents(realpath('file.php'));
printf($result222);?>
i want this script, print out below line
this is a text file with html format 100
i do't want to use include or require function because user can insert php code in this file and i do't want user can use php codes in this file
can anybody help me?
many thanks
If you know the string you expect to perform a substitution on, you can always do it manually with str_replace(). However, it looks like you want to be able to substitute arbitrary variables into the string, which I implore you to not do. You are giving this PHP script way too much power as is. I can think of a few exploits off the top of my head, such as injecting superglobals among simply brute forcing variable names.
Edit: I realize now that I also didn't give you the straightforward answer which does as you request: the eval() function. You should be able to craft a string that assigns the contents of the file to a variable, which should perform variable substitutions by the PHP parser. Please don't use it, but if you do be very careful.
i used below script
$result222 =file_get_contents(realpath('file.php'));
$result222=str_replace(array("<?","?>")," ",$result222);
print eval("return<<<ENDEVAL\n$result222\nENDEVAL;\n");
Related
I want to use printing command bellow in many places of my script. But I need to keep replacing "Survived" with some other string.
print(df.Survived.value_counts())
Can I automate the process by formating variable the same way as string? So if I want to replace "Survived" with "different" can I use something like:
var = 'different'
text = 'df.{}.value_counts()'.format(var)
print(text)
unfortunately this prints out "df.different.value_counts()" as as a string, while I need to print the value of df.different.value_counts()
I'm pretty sure alot of IDEs, have this option that is called refactoring, and it allows you to change a similar line of code/string on every line of code to what you need it to be.
I'm aware of VSCode's way of refactoring, is by selecting a part of the code and right click to select the option called change all occurances. This will replace the exact code on every line if it exists.
But if you want to do what you proposed, then eval('df.{}.value_counts()'.format(var)) is an option, but this is very unsecured and dangerous, so a more safer approach would be importing the ast module and using it's literal_eval function which is safer. ast.literal_eval('df.{}.value_counts()'.format(var)).
if ast.literal_eval() doesn't work then try this final solution that works.
def cat():
return 1
text = locals()['df.{}.value_counts'.format(var)]()
Found the way: print(df[var].value_counts())
Lets say that there is a function in my Delphi app:
MsgBox
and there is a string which has MsgBox in it.
I know what most of you are going to say is that its possible, but I think it is possible because I opened the compiled exe(compiled using delphi XE2) using a Resource Editor, and that resource editor was built for Delphi. In that, I could see most of the code I wrote, as I wrote it. So since the variables names, function names etc aren't changed during compile, there should a way to execute the functions from a string, but how? Any help will be appreciated.
EDIT:
What I want to do is to create a simple interpreter/scripting engine. And this is how its supposed to work:
There are two files, scr.txt and arg.txt
scr.txt contains:
msg_show
0
arg.txt contains:
"Message"
And now let me explain what that 0 is:
First, scr.txt's first line is function name
second line tells that at which line its arguments are in the arg.txt, i.e 0 tells that "Message" is the argument for msg_show.
I hope my question is now clear.
I want to make a simple scripting engine.
In order to execute arbitrary code stored as text, you need a compiler or an interpreter. Either you need to write one yourself, or embed one that already exists. Realistically, the latter option is your best option. There are a number available but in my view it's hard to look past dwscript.
I think I've already solved my problem! The answer is in this question's first answer.
EDIT:
But with that, as for a workaround of the problem mentioned in first comment, I have a very easy solution.
You don't need to pass all the arguments/parameters to it. Just take my example:
You have two files, as mentioned in the question. Now you need to execute the files. It is as simple as that:
read the first line of scr.txt
check if it's a function. If not, skip the line
If yes, read the next line which tells the index where it's arguments are in arg.txt
pass on the index(an integer) to the "Call" function.
Now to the function which has to be executed, it should know how many arguments it needs. i.e 2
Lets say that the function is "Sum(a,b : integer)".It needs 2 arguments
Now let the function read the two arguments from arg.txt.
And its done!
I hope it will help you all.
And I can get some rep :)
I am trying to generate a drop-down for a Jenkins job that will parse out the version numbers from the file names in a Linux directory. I have gotten it to work most of the way but I think my lack of knowledge of groovy has me at a standstill. Here is the code I have:
Arrays.asList(new File("/path/to/files").list().join(", ").findAll(/(\d+)\.(\d+)\.(\d+)\.(\d+)/))
and my file names look like:
returns?-?1.0.0.19?.war
returns?-?1.0.0.20?.war
What I get as a return from the Jenkins script console is:
Result: [[1.0.0.19, 1.0.0.20]]
This is essentially what I want but in the Jenkins job I get one item in the drop-down that is everything inside the outer brackets.
[1.0.0.19, 1.0.0.20]
I think the second set of brackets is the issue and I have tried to remove them using Groovy's .minus() method, double escaping the brackets, with no luck. I have also tried the .split() method, with no luck.
Any help would be greatly appreciated!
You do not need Arrays.asList(). Below should suffice.
new File("/opt/staples/ci-tools/workspace/archive/returns")
.list()
.join(',')
.findAll(/(\d+)\.(\d+)\.(\d+)\.(\d+)/)
I'm trying to remove the directory prefix from $soy:
a=${soy#*$PREFIX}
then changing slashes per dots:
b=${a//\//.}
the goal is to convert a file-path to a module path inside a program.
Anyways, is there any way to do this i one expression using composition?
This doesn't work :(
${${soy#*$PREFIX}//\//.}
According to this blog comment at Linux Journal, you can't do multiple operations in one expression.
As part of my probably wrong and cumbersome solution to print out a form I have taken a MS-Word document, saved as XML and I'm trying to store that XML as a groovy string so that I can ${fillOutTheFormProgrammatically}
However, with MS-Word documents being as large as they are, the String is 113100 unicode characters and Groovy says its limited to 65536. Is there some way to change this or am I stuck with splitting up the string?
Groovy - need to make a printable form
That's what I'm trying to do.
Update: to be clear its too long of a Groovy String.. I think a regular string might be all good. Going to change strategy and put some strings in the file I can easily find like %!%variable_name%!% and then do .replace(... uh i feel a new question coming on here...
Are you embedding this string directly in your groovy code? The jvm itself has a limit on the length of string constants, see the VM Spec if you are interested in details.
A ugly workaround might be to split the string in smaller parts and concatenate them at runtime. A better solution would be to save the text in an external file and read the contents from your code. You could also package this file along with your code and access it from the classpath using Class#getResourceAsStream.