mirror of
https://github.com/danog/psalm.git
synced 2024-12-12 09:19:40 +01:00
db566c7c4d
Ref #4590
321 B
321 B
TaintedEval
Emitted when user-controlled input can be passed into to an eval
call.
Passing untrusted user input to eval
calls is dangerous, as it allows arbitrary data to be executed on your server.
<?php
$name = $_GET["name"];
evalCode($name);
function evalCode(string $name) {
eval($name);
}