Why eval(string) is not needed

[Csaba Gabor]

// Look ma! no evals!
function eval2 (string, noReturn) {
return Function((!noReturn ? "return " : "")+string)(); }

var aR = eval2("/x/");
var Yo = eval2("{a:1, l:1, e:1, r:1, t:1}");
var a = eval2("['Hi', 'Mom']");
var aPri = eval2("a.join(' ').replace(aR,'u');");
var foo = eval2("var f='';for (var i in Yo) f+=i; return(f)",true);
eval2 (foo+"('"+aPri+"')");


Csaba Gabor from Vienna

 

[Douglas Crockford]

// Look ma! no evals!
function eval2 (string, noReturn) {
return Function((!noReturn ? "return " : "")+string)(); }

var aR = eval2("/x/");
var Yo = eval2("{a:1, l:1, e:1, r:1, t:1}");
var a = eval2("['Hi', 'Mom']");
var aPri = eval2("a.join(' ').replace(aR,'u');");
var foo = eval2("var f='';for (var i in Yo) f+=i; return(f)",true);
eval2 (foo+"('"+aPri+"')");

The Function constructor is just an alias for eval. It is equally as evil.

var aR = /x/;
var Yo = {a: 1, l: 1, e: 1, r: 1, t: 1};
var a = ['Hi', 'Mom'];
var aPri = a.join(' ').replace(aR, 'u');
var foo = function () {
var f = '';
for (var i in Yo) {
f += i;
}
return f;
}();
foo(aPri);

http://javascript.crockford.com

 

[Lasse Reichstein Nielsen]

// Look ma! no evals!
function eval2 (string, noReturn) {
return Function((!noReturn ? "return " : "")+string)(); }

And merry first of April to you too

And a case where your eval2 fails to work like eval:

var x = "suckered!";
function foo() {
var x = 42;
alert(eval2("x"));
}
foo();

Good luck!
/L

 

[VK]

// Look ma! no evals!
function eval2 (string, noReturn) {
return Function((!noReturn ? "return " : "")+string)(); }

var aR = eval2("/x/");
var Yo = eval2("{a:1, l:1, e:1, r:1, t:1}");
var a = eval2("['Hi', 'Mom']");
var aPri = eval2("a.join(' ').replace(aR,'u');");
var foo = eval2("var f='';for (var i in Yo) f+=i; return(f)",true);
eval2 (foo+"('"+aPri+"')");


Csaba Gabor from Vienna

eval('alert(eval(\'2+2\')/eval(\'2\'))'); // 2

Instead of three absolutely necessary eval's I could make it with just
one (others are inside the string so doesn't count