eval

Seems that the recommended way of doing indirect variable setting in bash is to use eval : var=x; val=foo eval $var=$val echo $x # --> foo The problem is the usual one with eval : var=x; val=1$'\n'pwd eval $var=$val # bad output here (and since it is recommended in many places, I wonder just how many scripts are vulnerable because of this...) In any case, the obvious solution of using (escaped) quotes doesn't really work: var=x; val=1\"$'\n'pwd\" eval $var=\"$val\" # fail with the above The thing is that bash has indirect variable reference baked in (with ${!foo} ), but I don't see any such

I've heard many places that PHP's eval function is often not the answer . In light of PHP 5.3's LSB and closures we're running out of reasons to depend on eval or create_function . Are there any conceivable cases where eval is the best (only?) answer in PHP 5.3? This question is not about whether eval is evil in general, as it obviously is not. Summary of Answers: Evaluating numerical expressions (or other "safe" subsets of PHP) Unit testing Interactive PHP "shell" Deserialization of trusted var_export Some template languages Creating backdoors for administers and/or hackers Compatibility with

After reading the bash man pages and with respect to this post . I am still having trouble understanding what exactly the eval command does and which would be its typical uses. For example if we do: bash$ set -- one two three # sets $1 $2 $3 bash$ echo $1 one bash$ n=1 bash$ echo ${$n} ## First attempt to echo $1 using brackets fails bash: ${$n}: bad substitution bash$ echo $($n) ## Second attempt to echo $1 using parentheses fails bash: 1: command not found bash$ eval echo \${$n} ## Third attempt to echo $1 using 'eval' succeeds one What exactly is happening here and how do the dollar sign