hoffies blog

“eval is evil!”—at least this is what you get told always (and I don’t disagree, btw). So I’m a bit surprised to see something like this

eval("parent::__construct(" . join(',',
    array_map('add_single_quotes', $args)) . ");");

I don’t think there is a (security) problem with this code because of eval() usage, but why use eval() at all if there are better alternatives (call_user_func_array() in this case)?