PHP: Equivalent of include using eval

Question

If the code is the same, there appears to be a difference between:

include \'external.php\';

and

eval(\'?>\' . file_get_conten

Answer 1

After some more research I found out what was wrong myself. The problem is in the fact that <?php is a "short opening tag" and so will only work if short_open_tag is set to 1 (in php.ini or something to the same effect). The correct full tag is <?php, which has a space after the second p.

As such the proper equivalent of the include is:

eval('?>' . file_get_contents('external.php') . '<?php ');

Alternatively, you can leave the opening tag out all together (as noted in the comments below):

eval('?>' . file_get_contents('external.php'));

My original solution was to add a semicolon, which also works, but looks a lot less clean if you ask me:

eval('?>' . file_get_contents('external.php') . '<?php;');

Answer 2

This lets you include a file assuming file wrappers for includes is on in PHP:

function stringToTempFileName($str)
{
    if (version_compare(PHP_VERSION, '5.1.0', '>=') && strlen($str < (1024 * 512))) {
        $file = 'data://text/plain;base64,' . base64_encode($str);
    } else {
        $file = Utils::tempFileName();
        file_put_contents($file, $str);
    }
    return $file;
}

... Then include that 'file.' Yes, this will also disable opcode caches, but it makes this 'eval' the same as an include with respect to behavior.