On Tuesday 30 May 2017 15:53:13 James Smith wrote:
> String eval should be avoided at all costs [especially if you parse user
> input] - functional eval is different - and is a good model for catching
> errors etc
Yes, string eval should be avoided in all usage. But this discussion was
about that functional eval.
> {There are some good uses of string eval - e.g. dymanically "use"ing
> modules}
That is wrong too. If you need to load module dynamically do it also
without stringified eval, to ensure security (somebody can include ';'
into module name...). It is done by "require" and "import". But easier
would be to use Module::Runtime which calls "require" correctly for you:
https://metacpan.org/pod/Module::Runtime
> James
