JavaScript 1.5 核心参考:全局函数:eval

英文原文地址：
http://developer.mozilla.org/cn/docs/JavaScript_1.5_%E6%A0%B8%E5%BF%83%E5%8F%82%E8%80%83:%E5%85%A8%E5%B1%80%E5%87%BD%E6%95%B0:eval

JavaScript 1.5 核心参考:全局函数:eval
From MDC

目录

1 Summary
2 Syntax
3 Parameters
4 Description
5 Don't use eval!
6 Parsing JSON
6.1 Accessing member properties
7 Cross-implementation compatibility
8 Examples
8.1 Example: Using eval
8.2 Example: Using eval to evaluate a string of JavaScript statements
9 Return value
10 See also


Summary
Core Function

Evaluates a string of JavaScript code without reference to a particular object.
运行与具体对象无关的JavaScript代码，

Syntax
eval(string [, object])

Parameters
string
A string representing a JavaScript expression, statement, or sequence of statements. The expression can include variables and properties of existing objects.
一个JavaScript表达式，语句，或语句序列。这个表达式包含变量和已存在的对象属性值。
object
Template:non-standard inline
An optional argument; if specified, the evaluation is restricted to the context of the specified object.
一个可选参数；如果指定了，这个运行限制在指定对象的范围内。
Description
eval is a top-level function and is not associated with any object.
eval 是一个顶级函数，不需要与任何对象结合。

The argument of the eval function is a string. If the string represents an expression, eval evaluates the expression. If the argument represents one or more JavaScript statements, eval performs the statements. Do not call eval to evaluate an arithmetic expression; JavaScript evaluates arithmetic expressions automatically.
eval 函数的参数是一个字符串。如果字符串是一个表达式，eval计算这个表达式。如果参数是一个或者多噶JavaScript语句，eval执行这些语句。不要调用eval去计算一个数学表达式；JavaScript是自动计算表达式的。

If you construct an arithmetic expression as a string, you can use eval to evaluate it at a later time. For example, suppose you have a variable x. You can postpone evaluation of an expression involving x by assigning the string value of the expression, say "3 * x + 2", to a variable, and then calling eval at a later point in your script.
如果你构造了一个数学表达式字符串，你可以使用eval计算它在晚一点的时候。例如，假设你有一个变量x。你可以推迟包含x的表达式的计算通过把表达式转换成字符串的值，比如说“3 * x + 2”作为一个变量，稍后在你的script中再指明调用eval。

If the argument of eval is not a string, eval returns the argument unchanged. In the following example, the String constructor is specified, and eval returns a String object rather than evaluating the string.
如果eval的参数不是字符串，eval不改变的返回参数值。如下面的例子，参数是字符串构造器，eval返回字符串对象而不是计算字符串。

eval(new String("2 + 2")); // returns a String object containing "2 + 2"
eval("2 + 2"); // returns 4

You can work around this limitation in a generic fashion by using toString.
你可以让它绕过这个限制，通常是使用toString方法。

var expression = new String("2 + 2");
eval(expression.toString());

You cannot indirectly use the eval function by invoking it via a name other than eval; if you do, a runtime error might occur. For example, you should not use the following code: 你不能直接使用其他名字来调用eval函数；如果你这样做，就会出现一个运行错误。例如，你不能像下面这样写：
var x = 2;
var y = 4;
var myEval = eval;
myEval("x + y");


Don't use eval!
eval() is a dangerous function, which executes the code it's passed with the privileges of the caller. If you run eval() with a string that could be affected by a malicious party, you may end up running malicious code on the user's machine with the permissions of your webpage / extension.
eval()是一个危险的函数，它能执行具有调用者权限的代码。如果你执行恶意代码伪装成的字符串，你最终会在客户机上运行具有网页扩展权限的恶意代码，

There are safe alternatives to eval() for common use-cases.
下面是通常情况下安全的使用eval的方法。

Parsing JSON
See Downloading JSON and JavaScript in extensions.

(http://developer.mozilla.org/En/Downloading_JSON_and_JavaScript_in_extensions)

Accessing member properties
You should not use eval to convert property names into properties. Consider the following example. The getFieldName(n) function returns the name of the specified form element as a string. The first statement assigns the string value of the third form element to the variable field. The second statement uses eval to display the value of the form element.
你不要用eval转换属性名字到属性里面。思考下面的例子。getFieldName(n)返回指定元素的名字的字符串形式。第1句将第3个元素的字符串值赋给变量field。第2句使用eval显示从元素中获取的值。

var field = getFieldName(3);
document.write("The field named ", field, " has value of ",
eval(field + ".value"));

However eval is not necessary here. In fact, its use here is discouraged. Instead, use the member operators, which are much faster:
eval在这儿不是必须的。实际上，它在这里使用是不合适的。可以使用成员操作符来代替，而且安全的多。

var field = getFieldName(3);
document.write("The field named ", field, " has value of ",
field[value]);

Cross-implementation compatibility （跨平台兼容性）It should be noted that the second optional parameter to eval is non-standard and not supported in all JavaScript implementations; at the time of this writing, for instance, Rhino doesn't support it, nor does Safari's JavaScriptCore.
也许你会注意到，eval的第2个选项参数不是标准的，不是所有的javascript执行器都支持。

To maintain compatibility across implementations, it is recommended that the second parameter to eval not be used. To achieve the same effect, the with statement may be used. So rather than using
eval(string, object);
use
with (object) {
eval(string);
}

为了保持兼容，推荐不使用eval的第2个参数。为了达到相同的效果，要使用with语句。不使用eval(string, object);而使用：with (object) { eval(string);}

Examples
The following examples display output using document.write. In server-side JavaScript, you can display the same output by calling the write function instead of using document.write.
下面的例子使用document.write 显示输出。在服务器段的JavaScript,你可以使用write 函数代替使用document.write 显示通用的输出。

Example: Using eval
In the following code, both of the statements containing eval return 42. The first evaluates the string "x + y + 1"; the second evaluates the string "42".
这个例子，两个包含eval的语句都返回42.第一个计算字符串"x + y + 1"; 第二个计算字符串"42"。
var x = 2;
var y = 39;
var z = "42";
eval("x + y + 1"); // returns 42
eval(z); // returns 42


Example: Using eval to evaluate a string of JavaScript statements
The following example uses eval to evaluate the string str. This string consists of JavaScript statements that open an Alert dialog box and assign z a value of 42 if x is five, and assigns 0 to z otherwise. When the second statement is executed, eval will cause these statements to be performed, and it will also evaluate the set of statements and return the value that is assigned to z.
这个例子使用eval计算字符串str。这个字符串由JavaScript语句构成，它包括：如果x等于5，则打开一个alert对话框，并赋值z为42，否则赋值z为0.当第2句执行的时候，eval会使第1句中JavaScript语句被执行，并且执行语句和返回z的值。

var str = "if (x == 5) {alert('z is 42'); z = 42;} else z = 0; ";
document.write("<P>z is ", eval(str));

Return value
eval returns the value of the last expression evaluated.
eval 返回前一个表达式的计算值。

var str = "if ( a ) { 1+1; } else { 1+2; }";
var a = true;
var b = eval(str); // returns 2
alert("b is : " + b);
a = false;
b = eval(str); // returns 3
alert("b is : " + b);