Thursday, March 19, 2009

Eval is Evil ...

The Eval method is JS takes a string containing JavaScript code, compiles it and runs it.It is probably the most powerful and most misused method in JavaScript.
In the majority of cases, eval is used like a sledgehammer swatting a fly -- it gets the job done, but with too much power. It's slow, it's unwieldy, and tends to magnify the damage when you make a mistake. Please spread the word far and wide: if you are considering using eval then there is probably a better way. Think hard before you use eval. eval starts a compiler. Before you use it, ask yourself whether there is a better way to solve this problem than starting up a compiler!

Here few points that force to not use Eval.

Debugability: what is easier to debug, a program that dynamically generates new code at runtime, or a program with a static body of code?

Maintainability: What's easier to maintain, a table or a program that dynamically spits new code?

Speed: which do you think is faster, a program that dereferences an array, or a program that starts a compiler?

think about string more than 10,000 persons name and we want to eval that string ... JavaScript encountered with problem on manipulating and eval()ing very large strings.

Memory: which uses more memory, a program that dereferences an array, or a program that starts a compiler and compiles a new chunk of code every time you need to access an array?

Learn More ....

1 comment:

  1. putting up the static content means opening up the holes for people to know about your stuff. Using eval is good when u rely that content will be from ur side(server)..not from client {Standard XSS safety rule}. It is good in performace as compared to itz workarounds. Power is expected to be handled generously with a clear thought not in a random way. Same is applicable for Eval too, use it only where you need and feel will be useful not @ everyplace , undoubtedly it is really powerful. ;)