I'm just overworking my JS code and wish to replace my <code>eval()</code>'s with <code>window[functionName]</code>. So I just made a quick test in the JSFiddle and all works well with the following lines: <pre class="prettyprint"><code>var fnName = "Page_test"; var foo = "yammy"; var Page_test = function(bar) { return bar; } var Obj = window[fnName]; alert(Obj(foo)); </code></pre> (Link to this JSFiddle -> http://jsfiddle.net/juSHj/) Now I try to replace the following lines of code with the evil <code>eval()</code> with the above concept: old code: (works like a charm / fired after ajax success) <pre class="prettyprint"><code> ... success: function(ret) { if(returnFnAjaxForm != "") { eval(returnFnAjaxForm+"('"+encodeURI(jQuery.trim(ret))+"')"); } } ... </code></pre> new code: <blockquote> Returns: Uncaught TypeError: Property 'dummyFn' of object [object Window] is not a function </blockquote> <pre class="prettyprint"><code>... success: function(ret) { if(returnFnAjaxForm != "") { fnObj = window[returnFnAjaxForm]; if(typeof(fnObj) == "function") { // this is optional fnObj(encodeURI(jQuery.trim(ret))); } } } ... </code></pre> I'm curious where I made my mistake. Yes the function I try to fire exists and is defined with <code>var</code> . Is this concept may not possible to use it on an ajax-response? Thanks for any help. (Using jQuery)

If you declare your function in a closure, it's not a member of window. Example : <pre class="prettyprint"><code>var in_window = '132'; alert(window['in_window']); // Alert 132 (function() { var not_in_window = '132'; alert(window['not_in_window']); // Alert undefined })(); </code></pre> So be careful of where you declare your <code>Page_test</code> variable. If you really want to put in window, you can do <code>window.Page_test = Page_test</code>. The best you can do is to use an object for all your possible callbacks. Like this : <pre class="prettyprint"><code>var callbacks = { foo : function() {}, foo1 : function() {}, foo2 : function() {}, foo3 : function() {} }; var obj = callbacks[fnName]; </code></pre>

fnObj = window[functionName] is not a function issue

I'm just overworking my JS code and wish to replace my eval()'s with window[functionName]. So I just made a quick test in the JSFiddle and all works well with the following lines:

var fnName = "Page_test";
var foo = "yammy";
var Page_test = function(bar) {
    return bar;
}
var Obj = window[fnName];
alert(Obj(foo));

(Link to this JSFiddle -> http://jsfiddle.net/juSHj/)

Now I try to replace the following lines of code with the evil eval() with the above concept:

old code: (works like a charm / fired after ajax success)

 ...
 success: function(ret) {
     if(returnFnAjaxForm != "") {
          eval(returnFnAjaxForm+"('"+encodeURI(jQuery.trim(ret))+"')");
     }
 }
 ...

new code:

Returns: Uncaught TypeError: Property 'dummyFn' of object [object Window] is not a function

...
success: function(ret) {
     if(returnFnAjaxForm != "") {
          fnObj = window[returnFnAjaxForm];
          if(typeof(fnObj) == "function") { // this is optional
               fnObj(encodeURI(jQuery.trim(ret)));
          }
     }
} 
...

I'm curious where I made my mistake. Yes the function I try to fire exists and is defined with var . Is this concept may not possible to use it on an ajax-response?

Thanks for any help.

(Using jQuery)

How to replace eval function?

An alternative to eval is Function() . Just like eval() , Function() takes some expression as a string for execution, except, rather than outputting the result directly, it returns an anonymous function to you that you can call. `Function() is a faster and more secure alternative to eval().

Why is using eval bad?

Code injection- eval() runs string as a code and it is way more easier for hackers to get into privileged information just by the use of eval(). This is a big security threat when a program takes input from the user and is running on the client-side.

Why JSON eval is not recommended for use?

Malicious code : invoking eval can crash a computer. For example: if you use eval server-side and a mischievous user decides to use an infinite loop as their username. Terribly slow : the JavaScript language is designed to use the full gamut of JavaScript types (numbers, functions, objects, etc)… Not just strings!

Is eval slow JavaScript?

eval() is also slower than the alternatives, since it has to invoke the JavaScript interpreter, while many other constructs are optimized by modern JS engines. Additionally, modern JavaScript interpreters convert JavaScript to machine code. This means that any concept of variable naming gets obliterated.

If you declare your function in a closure, it's not a member of window. Example :

var in_window = '132';
alert(window['in_window']); // Alert 132

(function() {
    var not_in_window = '132';
    alert(window['not_in_window']); // Alert undefined
})();

So be careful of where you declare your Page_test variable. If you really want to put in window, you can do window.Page_test = Page_test.

The best you can do is to use an object for all your possible callbacks. Like this :

var callbacks = {
    foo : function() {},
    foo1 : function() {},
    foo2 : function() {},
    foo3 : function() {}
};

var obj = callbacks[fnName];

fnObj = window[functionName] is not a function issue - eval() works well

Tags:

javascript

jquery

ajax

wildhaber

People also ask

1 Answers

Magus

Recent Activity

Donate For Us