In some
programming language
A programming language is a system of notation for writing computer programs.
Programming languages are described in terms of their Syntax (programming languages), syntax (form) and semantics (computer science), semantics (meaning), usually def ...
s,
eval
, short for
evaluate
In common usage, evaluation is a systematic determination and assessment of a subject's merit, worth and significance, using criteria governed by a set of standards. It can assist an organization, program, design, project or any other intervention ...
, is a
function which evaluates a string as though it were an
expression in the language, and returns a
result
A result (also called upshot) is the outcome or consequence of a sequence of actions or events. Possible results include gain, injury, value, and victory. Some types of results include the outcome of an action, the final value of a calculation ...
; in others, it executes multiple lines of code as though they had been included instead of the line including the
eval
. The input to
eval
is not necessarily a string; it may be structured representation of code, such as an
abstract syntax tree
An abstract syntax tree (AST) is a data structure used in computer science to represent the structure of a program or code snippet. It is a tree representation of the abstract syntactic structure of text (often source code) written in a formal ...
(like
Lisp
Lisp (historically LISP, an abbreviation of "list processing") is a family of programming languages with a long history and a distinctive, fully parenthesized Polish notation#Explanation, prefix notation.
Originally specified in the late 1950s, ...
forms), or of special type such as
code
(as in Python). The analog for a
statement is
exec, which executes a string (or code in other format) as if it were a statement; in some languages, such as Python, both are present, while in other languages only one of either
eval
or
exec
is.
Security risks
Using
eval
with data from an untrusted source may introduce security vulnerabilities. For instance, assuming that the
get_data()
function gets data from the Internet, this
Python code is insecure:
session authenticated'= False
data = get_data()
foo = eval(data)
An attacker
could supply the program with the string
"session.update(authenticated=True)"
as data, which would update the
session
dictionary to set an authenticated key to be True. To remedy this, all data which will be used with
eval
must be escaped, or it must be run without access to potentially harmful functions.
Implementation
In
interpreted language
In computer science, an interpreter is a computer program that directly executes instructions written in a programming or scripting language, without requiring them previously to have been compiled into a machine language program. An inter ...
s,
eval
is almost always implemented with the same interpreter as normal code. In
compiled language
Compiled language categorizes a programming language as used with a compiler and generally implies not used with an interpreter. But, since any language can theoretically be compiled or interpreted the term lacks clarity. In practice, for some lan ...
s, the same compiler used to compile programs may be embedded in programs using the
eval
function; separate interpreters are sometimes used, though this results in
code duplication.
Programming languages
ECMAScript
JavaScript
In
JavaScript
JavaScript (), often abbreviated as JS, is a programming language and core technology of the World Wide Web, alongside HTML and CSS. Ninety-nine percent of websites use JavaScript on the client side for webpage behavior.
Web browsers have ...
,
eval
is something of a hybrid between an expression evaluator and a statement executor. It returns the result of the last expression evaluated.
Example as an expression evaluator:
foo = 2;
alert(eval('foo + 2'));
Example as a statement executor:
foo = 2;
eval('foo = foo + 2;alert(foo);');
One use of JavaScript's
eval
is to parse
JSON
JSON (JavaScript Object Notation, pronounced or ) is an open standard file format and electronic data interchange, data interchange format that uses Human-readable medium and data, human-readable text to store and transmit data objects consi ...
text, perhaps as part of an
Ajax
Ajax may refer to:
Greek mythology and tragedy
* Ajax the Great, a Greek mythological hero, son of King Telamon and Periboea
* Ajax the Lesser, a Greek mythological hero, son of Oileus, the king of Locris
* Ajax (play), ''Ajax'' (play), by the an ...
framework. However, modern browsers provide
JSON.parse
as a more secure alternative for this task.
ActionScript
In
ActionScript
ActionScript is an object-oriented programming language originally developed by Macromedia Inc. (later acquired by Adobe). It is influenced by HyperTalk, the scripting language for HyperCard. It is now an implementation of ECMAScript (mean ...
(Flash's programming language),
eval
cannot be used to evaluate arbitrary expressions. According to the Flash 8 documentation, its usage is limited to expressions which represent "the name of a variable, property, object, or movie clip to retrieve. This parameter can be either a String or a direct reference to the object instance."
ActionScript 3 does not support eval.
The ActionScript 3 Eval Library and the D.eval API were development projects to create equivalents to
eval
in ActionScript 3. Both have ended, as
Adobe Flash Player
Adobe Flash Player (known in Internet Explorer, Firefox, and Google Chrome as Shockwave Flash) is a discontinuedExcept in China, where it continues to be used, as well as Harman for enterprise users. computer program for viewing multimedia ...
has reached its
end-of-life.
Lisp
Lisp
Lisp (historically LISP, an abbreviation of "list processing") is a family of programming languages with a long history and a distinctive, fully parenthesized Polish notation#Explanation, prefix notation.
Originally specified in the late 1950s, ...
was the original language to make use of an
eval
function in 1958. In fact, definition of the
eval
function led to the first implementation of the language interpreter.
[John McCarthy, "History of Lisp - The Implementation of Lisp"](_blank)
/ref>
Before the eval
function was defined, Lisp functions were manually compiled to assembly language
In computing, assembly language (alternatively assembler language or symbolic machine code), often referred to simply as assembly and commonly abbreviated as ASM or asm, is any low-level programming language with a very strong correspondence bet ...
statements. However, once the eval
function had been manually compiled it was then used as part of a simple read-eval-print loop which formed the basis of the first Lisp interpreter.
Later versions of the Lisp eval
function have also been implemented as compilers.
The eval
function in Lisp expects a form to be evaluated as its argument. The resulting value of the given form will be the returned value of the call to eval
.
This is an example Lisp code:
; A form which calls the + function with 1,2 and 3 as arguments.
; It returns 6.
(+ 1 2 3)
; In Lisp any form is meant to be evaluated, therefore
; the call to + was performed.
; We can prevent Lisp from performing evaluation
; of a form by prefixing it with "'", for example:
(setq form1 '(+ 1 2 3))
; Now form1 contains a form that can be used by eval, for
; example:
(eval form1)
; eval evaluated (+ 1 2 3) and returned 6.
Lisp is well known to be very flexible and so is the eval
function. For example, to evaluate the content of a string, the string would first have to be converted into a Lisp form using the read-from-string
function and then the resulting form would have to be passed to eval
:
(eval (read-from-string "(format t \"Hello World!!!~%\")"))
One major point of confusion is the question, in which context the symbols in the form will be evaluated. In the above example, form1
contains the symbol +
. Evaluation of this symbol must yield the function for addition to make the example work as intended. Thus some dialects of Lisp allow an additional parameter for eval
to specify the context of evaluation (similar to the optional arguments to Python's eval
function - see below). An example in the Scheme dialect of Lisp (R5RS and later):
;; Define some simple form as in the above example.
(define form2 '(+ 5 2))
;Value: form2
;; Evaluate the form within the initial context.
;; A context for evaluation is called an "environment" in Scheme slang.
(eval form2 user-initial-environment)
;Value: 7
;; Confuse the initial environment, so that + will be
;; a name for the subtraction function.
(environment-define user-initial-environment '+ -)
;Value: +
;; Evaluate the form again.
;; Notice that the returned value has changed.
(eval form2 user-initial-environment)
;Value: 3
Perl
In Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Though Perl is not officially an acronym, there are various backronyms in use, including "Practical Extraction and Reporting Language".
Perl was developed ...
, the eval
function is something of a hybrid between an expression evaluator and a statement executor. It returns the result of the last expression evaluated (all statements are expressions in Perl programming), and allows the final semicolon to be left off.
Example as an expression evaluator:
$foo = 2;
print eval('$foo + 2'), "\n";
Example as a statement executor:
$foo = 2;
eval('$foo += 2; print "$foo\n";');
Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Though Perl is not officially an acronym, there are various backronyms in use, including "Practical Extraction and Reporting Language".
Perl was developed ...
also has eval
''blocks'', which serves as its exception handling
In computing and computer programming, exception handling is the process of responding to the occurrence of ''exceptions'' – anomalous or exceptional conditions requiring special processing – during the execution of a program. In general, an ...
mechanism (see Exception handling syntax#Perl). This differs from the above use of eval
with strings in that code inside eval
blocks is interpreted at compile-time instead of run-time, so it is not the meaning of eval
used in this article.
PHP
In PHP
PHP is a general-purpose scripting language geared towards web development. It was originally created by Danish-Canadian programmer Rasmus Lerdorf in 1993 and released in 1995. The PHP reference implementation is now produced by the PHP Group. ...
, eval
executes code in a string almost exactly as if it had been put in the file instead of the call to eval()
. The only exception is that errors are reported as coming from a call to eval()
, and return statements become the result of the function.
Unlike some languages, the argument to eval
must be a string of one or more complete statements, not just expressions; however, one can get the "expression" form of eval
by putting the expression in a return statement, which causes eval
to return the result of that expression.
Unlike some languages, PHP's eval
is a "language construct" rather than a function, and so cannot be used in some contexts where functions can be, like higher-order functions.
Example using echo:
Example returning a value:
Lua
In Lua 5.1, loadstring
compiles Lua code into an anonymous function.
Example as an expression evaluator:
loadstring("print('Hello World!')")()
Example to do the evaluation in two steps:
a = 1
f = loadstring("return a + 1") -- compile the expression to an anonymous function
print(f()) -- execute (and print the result '2')
Lua 5.2 deprecates loadstring
in favor of the existing load
function, which has been augmented to accept strings. In addition, it allows providing the function's environment directly, as environments are now upvalues.
load("print('Hello ' .. a)", "", "t", )()
PostScript
PostScript
PostScript (PS) is a page description language and dynamically typed, stack-based programming language. It is most commonly used in the electronic publishing and desktop publishing realm, but as a Turing complete programming language, it c ...
's exec
operator takes an operand — if it is a simple literal it pushes it back on the stack. If one takes a string containing a PostScript expression however, one can convert the string to an executable which then can be executed by the interpreter, for example:
((Hello World) =) cvx exec
converts the PostScript expression
(Hello World) =
which pops the string "Hello World" off the stack and displays it on the screen, to have an executable type, then is executed.
PostScript's run
operator is similar in functionality but instead the interpreter interprets PostScript expressions in a file, itself.
(file.ps) run
Python
In Python, the eval
function in its simplest form evaluates a single expression.
eval
example (interactive shell):
>>> x = 1
>>> eval('x + 1')
2
>>> eval('x')
1
The eval
function takes two optional arguments, global
and locals
, which allow the programmer to set up a restricted environment for the evaluation of the expression.
The exec
statement (or the exec
function in Python 3.x) executes statements:
exec
example (interactive shell):
>>> x = 1
>>> y = 1
>>> exec "x += 1; y -= 1"
>>> x
2
>>> y
0
The most general form for evaluating statements/expressions is using code objects. Those can be created by invoking the compile()
function and by telling it what kind of input it has to compile: an "exec
" statement, an "eval
" statement or a "single
" statement:
compile
example (interactive shell):
>>> x = 1
>>> y = 2
>>> eval (compile ("print 'x + y = ', x + y", "compile-sample.py", "single"))
x + y = 3
D
D is a statically compiled language and therefore does not include an "eval
" statement in the traditional sense, but does include the related "mixin
" statement. The difference is that, where "eval
" interprets a string as code at runtime, with a "mixin
" the string is statically compiled like ordinary code and must be known at compile time. For example:
import std.stdio;
void main()
The above example will compile to exactly the same assembly language instructions as if "num++;
" had been written directly instead of mixed in. The argument to mixin doesn't need to be a string literal, but arbitrary expressions resulting in a string value, including function calls, that can be evaluated at compile time.
ColdFusion
ColdFusion's evaluate
function lets users evaluate a string expression at runtime.
It is particularly useful when users need to programmatically choose the variable they want to read from.
ownumber)>
Ruby
The Ruby programming language interpreter offers an eval
function similar to Python or Perl, and also allows a scope, or binding, to be specified.
Aside from specifying a function's binding, eval
may also be used to evaluate an expression within a specific class definition binding or object instance binding, allowing classes to be extended with new methods specified in strings.
a = 1
eval('a + 1') # (evaluates to 2)
# evaluating within a context
def get_binding(a)
binding
end
eval('a+1',get_binding(3)) # (evaluates to 4, because 'a' in the context of get_binding is 3)
class Test; end
Test.class_eval("def hello; return 'hello';end") # add a method 'hello' to this class
Test.new.hello # evaluates to "hello"
Forth
Most standard implementations of Forth have two variants of eval
: EVALUATE
and INTERPRET
.
Win32FORTH code example:
S" 2 2 + ." EVALUATE \ Outputs "4"
BASIC
REALbasic
In REALbasic
The Xojo programming environment and programming language is developed and commercially marketed by Xojo, Inc. of Austin, Texas for software development targeting macOS, Microsoft Windows, Linux, iOS, Android, the Web and Raspberry Pi. Xojo us ...
, there is a class called RBScript which can execute REALbasic code at runtime. RBScript is very sandboxed—only the most core language features are there, and users have to allow it access to things they would like it to have. They can optionally assign an object to the context property. This allows for the code in RBScript to call functions and use properties of the context object. However, it is still limited to only understanding the most basic types, so if they have a function that returns a Dictionary or MySpiffyObject, RBScript will be unable to use it. Users can also communicate with their RBScript through the Print and Input events.
VBScript
Microsoft's VBScript, which is an interpreted language, has two constructs. Eval
is a function evaluator that can include calls to user-defined functions. (These functions may have side-effects such as changing the values of global variables.) Execute
executes one or more colon-separated statements, which can change global state.
Both VBScript and JScript eval
are available to developers of compiled Windows applications (written in languages which do not support Eval) through an ActiveX control called the Microsoft Script Control, whose Eval method can be called by application code. To support calling of user-defined functions, one must first initialize the control with the AddCode method, which loads a string (or a string resource) containing a library of user-defined functions defined in the language of one's choice, prior to calling Eval.
Visual Basic for Applications
Visual Basic for Applications
Visual Basic for Applications (VBA) is an implementation of Microsoft's event-driven programming language Visual Basic 6, Visual Basic 6.0 built into most desktop Microsoft Office applications. Although based on pre-.NET Visual Basic, which is no ...
(VBA), the programming language of Microsoft Office, is a virtual machine language where the runtime environment compiles and runs p-code
Bytecode (also called portable code or p-code) is a form of instruction set designed for efficient execution by a software interpreter. Unlike human-readable source code, bytecodes are compact numeric codes, constants, and references (normal ...
. Its flavor of Eval supports only expression evaluation, where the expression may include user-defined functions and objects (but not user-defined variable names). Of note, the evaluator is different from VBS, and invocation of certain user-defined functions may work differently in VBA than the identical code in VBScript.
Smalltalk
As Smalltalk
Smalltalk is a purely object oriented programming language (OOP) that was originally created in the 1970s for educational use, specifically for constructionist learning, but later found use in business. It was created at Xerox PARC by Learni ...
's compiler classes are part of the standard class library and usually present at run time, these can be used to evaluate a code string.
Compiler evaluate:'1 + 2'
Because class and method definitions are also implemented by message-sends (to class objects), even code changes are possible:
Compiler evaluate:'Object subclass:#Foo'
Tcl
The Tcl programming language has a command called eval
, which executes the source code provided as an argument. Tcl represents all source code as strings, with curly braces acting as quotation marks, so that the argument to eval
can have the same formatting as any other source code.
set foo
eval $foo
bs
bs has an eval
function that takes one string argument. The function is both an expression evaluator and a statement executor. In the latter role, it can also be used for error handling. The following examples and text are from the bs
man page
A man page (short for manual page) is a form of software documentation found on Unix and Unix-like operating systems. Topics covered include programs, system libraries, system calls, and sometimes local system details. The local host administr ...
as appears in the UNIX System V
Unix System V (pronounced: "System Five") is one of the first commercial versions of the Unix operating system. It was originally developed by AT&T and first released in 1983. Four major versions of System V were released, numbered 1, 2, 3, an ...
Release 3.2 Programmer's Manual.[
]
Command-line interpreters
Unix shells
The ''eval'' command is present in all Unix shell
A Unix shell is a Command-line_interface#Command-line_interpreter, command-line interpreter or shell (computing), shell that provides a command line user interface for Unix-like operating systems. The shell is both an interactive command languag ...
s, including the original "sh" (Bourne shell
The Bourne shell (sh) is a shell command-line interpreter for computer operating systems. It first appeared on Version 7 Unix, as its default shell. Unix-like systems continue to have /bin/sh—which will be the Bourne shell, or a symbolic lin ...
). It concatenates all the arguments with spaces, then re-parses and executes the result as a command.
PowerShell
In PowerShell
PowerShell is a shell program developed by Microsoft for task automation and configuration management. As is typical for a shell, it provides a command-line interpreter for interactive use and a script interpreter for automation via a langu ...
, the Invoke-Expression
Cmdlet serves the same purpose as the eval function in programming languages like JavaScript, PHP and Python.
The Cmdlet runs any PowerShell expression that is provided as a command parameter in the form of a string and outputs the result of the specified expression.
Usually, the output of the Cmdlet is of the same type as the result of executing the expression. However, if the result is an empty array, it outputs $null
. In case the result is a single-element array, it outputs that single element. Similar to JavaScript, PowerShell allows the final semicolon to be left off.
Example as an expression evaluator:
PS > $foo = 2
PS > Invoke-Expression '$foo + 2'
Example as a statement executor:
PS > $foo = 2
PS > Invoke-Expression '$foo += 2; $foo'
Microcode
In 1966 IBM
International Business Machines Corporation (using the trademark IBM), nicknamed Big Blue, is an American Multinational corporation, multinational technology company headquartered in Armonk, New York, and present in over 175 countries. It is ...
Conversational Programming System
Conversational Programming System or CPS is an early Time-sharing system offered by IBM which runs on System/360 mainframe computer, mainframes ''circa'' 1967 through 1972 in a partition of OS/360 Release 17 MFT II or MVT or above. CPS is imple ...
(CPS) introduced a microprogrammed function EVAL
to perform "interpretive evaluation of expressions which are written in a modified Polish-string notation" on an IBM System/360 Model 50. Microcoding this function was "substantially more" than five times faster compared to a program that interpreted an assignment statement.
Theory
In theoretical computer science
Theoretical computer science is a subfield of computer science and mathematics that focuses on the Abstraction, abstract and mathematical foundations of computation.
It is difficult to circumscribe the theoretical areas precisely. The Associati ...
, a careful distinction is commonly made between eval and apply
In mathematics and computer science, apply is a function that applies a function to arguments. It is central to programming languages derived from lambda calculus, such as LISP and Scheme, and also in functional languages. It has a role in the ...
. ''Eval'' is understood to be the step of converting a quoted string into a callable function and its arguments, whereas ''apply'' is the actual call of the function with a given set of arguments. The distinction is particularly noticeable in functional language
In computer science, functional programming is a programming paradigm where programs are constructed by applying and composing functions. It is a declarative programming paradigm in which function definitions are trees of expressions that map ...
s, and languages based on lambda calculus
In mathematical logic, the lambda calculus (also written as ''λ''-calculus) is a formal system for expressing computability, computation based on function Abstraction (computer science), abstraction and function application, application using var ...
, such as LISP
Lisp (historically LISP, an abbreviation of "list processing") is a family of programming languages with a long history and a distinctive, fully parenthesized Polish notation#Explanation, prefix notation.
Originally specified in the late 1950s, ...
and Scheme. Thus, for example, in Scheme, the distinction is between
(eval '(f x) )
where the form (f x) is to be evaluated, and
(apply f (list x))
where the function ''f'' is to be called with argument ''x''.
''Eval'' and ''apply'' are the two interdependent components of the ''eval-apply cycle'', which is the essence of evaluating Lisp, described in SICP.The Metacircular Evaluator
(SICP Section 4.1)
In
category theory
Category theory is a general theory of mathematical structures and their relations. It was introduced by Samuel Eilenberg and Saunders Mac Lane in the middle of the 20th century in their foundational work on algebraic topology. Category theory ...
, the ''eval''
morphism
In mathematics, a morphism is a concept of category theory that generalizes structure-preserving maps such as homomorphism between algebraic structures, functions from a set to another set, and continuous functions between topological spaces. Al ...
is used to define the
closed monoidal category. Thus, for example, the
category of sets
In the mathematical field of category theory, the category of sets, denoted by Set, is the category whose objects are sets. The arrows or morphisms between sets ''A'' and ''B'' are the functions from ''A'' to ''B'', and the composition of mor ...
, with functions taken as morphisms, and the
cartesian product
In mathematics, specifically set theory, the Cartesian product of two sets and , denoted , is the set of all ordered pairs where is an element of and is an element of . In terms of set-builder notation, that is
A\times B = \.
A table c ...
taken as the
product, forms a
Cartesian closed category
In category theory, a Category (mathematics), category is Cartesian closed if, roughly speaking, any morphism defined on a product (category theory), product of two Object (category theory), objects can be naturally identified with a morphism defin ...
. Here, ''eval'' (or, properly speaking, ''
apply
In mathematics and computer science, apply is a function that applies a function to arguments. It is central to programming languages derived from lambda calculus, such as LISP and Scheme, and also in functional languages. It has a role in the ...
'') together with its
right adjoint
In mathematics, specifically category theory, adjunction is a relationship that two functors may exhibit, intuitively corresponding to a weak form of equivalence between two related categories. Two functors that stand in this relationship are k ...
,
currying
In mathematics and computer science, currying is the technique of translating a function that takes multiple arguments into a sequence of families of functions, each taking a single argument.
In the prototypical example, one begins with a functi ...
, form the
simply typed lambda calculus
The simply typed lambda calculus (), a form
of type theory, is a typed interpretation of the lambda calculus with only one type constructor () that builds function types. It is the canonical and simplest example of a typed lambda calculus. The ...
, which can be interpreted to be the morphisms of Cartesian closed categories.
See also
*
Data as code
References
{{Reflist
External links
ANSI and GNU Common Lisp Document: eval functionJonathan Johnson on exposing classes to RBScriptExamples of runtime evaluation in several languageson
Rosetta Code
Rosetta Code is a wiki-based programming chrestomathy website with implementations of common algorithms and solutions to various computer programming, programming problems in many different programming languages. It is named for the Rosetta Stone ...
Control flow
Unix SUS2008 utilities
IBM i Qshell commands