$r not available to drupal_eval
cwells - October 14, 2007 - 13:36
| Project: | Site User List |
| Version: | 6.x-1.0-beta1 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | needs review |
Description
When eval'ing a template, you say that $r holds the values, but since you generate a code string and pass it to drupal_eval, drupal_eval has no knowledge of $r and so it can't be eval'd. I did the output buffering and eval'ing inline so that you have access to the $r array. I'm not sure this is the best way to do this, but it works.
| Attachment | Size |
|---|---|
| site_user_list.patch | 834 bytes |
#1
Hi! Thanks for this — I will look it over and see if I understand it. I initially used plain
evalin this function; I switched over todrupal_evalbecause it seemed safer, but I didn't realize that it would keep$rfrom being available.Thanks,
Ricky
#2
I just found this same issue.
After patching your module could be nicely combined with "gtspam" to obfuscate mails in just a single line.
Evaluate this: return(gtspam($r['@mail']));
If you don't know your field name, give a try to: return(var_export($r));
Obviously gtspam module need to be installed and enabled. :-)
Thanks you guys for the great module and the patch.
#3
Thank you cwells for your patch.
There is a few things I dislike about your patch.
Here is a patch which is less code change, reuse the existing drupal_eval() and only allow access to the $r array.
Let me know what you think.
#4
I just looked at the patches real quick. This is sure a blast from the past, but if roychri's patch also works, it's a much better solution.
#5
Here is an updated patch for the version 6.x-1.0-beta1 version.
Anyone else want to review and mark as RTBC?
Thanks.