JavaScript Eval()

JavaScript Eval Thumbnail

The JavaScript eval() method can execute a statement, expression, or a group of statements and return its completion value if it exists.

JavaScript eval() Method

The eval() is a method of the JavaScript global object. This method takes a string as an argument, this string can contain a statement to be evaluated, and this statement can be single-liner or multi-liner. In return, it gives the completion value, if there is no completion value it will return undefined.

Syntax:

eval(string)

where string can contain a statement, expression, or a group of statements.

Also Read: NodeJS Keywords: What Are Reserved Keywords in NodeJS?

Example 1: Evaluate Expression

Below is the code having a string containing a simple expression, let’s evaluate it using the eval() method and print the output in the console.

const exp = "2 + 2";

const result = eval(exp);

console.log(result);

Output:

4

Here you can see, the expression is successfully evaluated and the eval() method returned the result.

Example 2: Evaluate Statement

Below is the code having a string containing a statement to print “Hello World” in the console, let’s evaluate it using the eval() method and print the output in the console.

const sta = 'console.log("Hello World")'

const result = eval(sta);

console.log(result);

Output:

Hello World
undefined

Here you can see, the statement inside the string is successfully evaluated as we have gotten the “Hello World” in the console but we also have undefined in the output, when there is no value to be returned, i.e., no completion value, the eval() method simply returns undefined.

Example 3: Evaluate Multiple Statements

Let’s evaluate a group of statements using the eval() method.

const stas = `let a = 2;
             let b = 3;   
             let sum = a + b;
             console.log("Sum is: " + sum);
             `;

eval(stas);

Output:

Sum is: 5

Here you can see, the output is justified, which means that all the statement is successfully executed. We have not got an undefined here as we have not tried to print the value that eval() returns, if we print it then again we will get undefined.

Evaluate Function using eval()

Directly passing the function inside the string to be evaluated using the eval() method will cause an error.

Example:

Let’s try to pass a function declaration inside the string to evaluate it using the eval() method.

const fun = "function sum(a, b) { return a + b; }";
const getFun = eval(fun);

console.log(getFun(2, 3)); // undefined

Output:

console.log(getFun(2, 3)); // undefined
            ^

TypeError: getFun is not a function
    at Object. (C:\Users\ag290\OneDrive\Desktop\eval\app.js:27:13)
    at Module._compile (internal/modules/cjs/loader.js:759:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:770:10)
    at Module.load (internal/modules/cjs/loader.js:628:32)
    at Function.Module._load (internal/modules/cjs/loader.js:555:12)
    at Function.Module.runMain (internal/modules/cjs/loader.js:826:10)
    at internal/main/run_main_module.js:17:11

Here we got an error. 

To evaluate a string containing a function using the eval() method, it is required to wrap it in a round bracket ().

Example:

const fun = "(function sum(a, b) { return a + b; })";
const getFun = eval(fun);

console.log(getFun(2, 3)); // 5

Output:

5

Here we got the expected result, so next time you try it, don’t forget to wrap your function inside (), before executing it.

Avoid using eval()

In older times, when JavaScript does not have much functionality, eval() can be a good option, but in current modern JavaScript using eval() to execute the program has no sense as there are modern constructors. 

Using eval() can cause security issues as it can run malicious code inside your system without permission, also it can access the outer variable which can be tempered and create trouble in the expected execution of the application.

Summary

Eval means evaluates, as the name suggests, the eval() method is used to evaluate or execute the statement or expressed in a string passed as an argument and return the completion value, if the completion value does not exist then it returns undefined. Executing code inside the eval() method might not be a good idea as it can temper external variables and also possible that you mistakenly executed malicious code which can cause damage to your system. Hope this tutorial helps you to understand the eval() method in JavaScript.

Reference

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval