-2

Is there any 'code/function/algoritm' to convert the javascript string?:

var alert = "alert('Hello World!')";

In javascript syntax; in this case, it would display Hello World! on the screen.

matt3141
  • 4,303
  • 1
  • 19
  • 24
Jhonatan Sandoval
  • 1,283
  • 6
  • 24
  • 40
  • 4
    You mean `eval`? Don't use it, it's **evil**. – Halcyon Aug 05 '13 at 15:15
  • 1
    What do you need that for? (maybe there's a better solution than [`eval`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval)) – Bergi Aug 05 '13 at 15:17
  • Here’s [why you should not use `eval()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#Don.27t_use_eval.21). You probably want to [use a first-class function instead](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval#Use_functions_instead_of_evaluating_snippets_of_code). – Rory O'Kane Aug 05 '13 at 15:19
  • 2
    *["...that word (syntaxis), I do not think it means what you think it means..."](http://en.wikipedia.org/wiki/Syntaxis)* – T.J. Crowder Aug 05 '13 at 15:20
  • A little [addendum](http://stackoverflow.com/questions/86513/why-is-using-the-javascript-eval-function-a-bad-idea) to Rory's comment. – biphobe Aug 05 '13 at 15:20
  • @T.J.Crowder It simply means all answers here are totally wrong. – Denys Séguret Aug 05 '13 at 15:21
  • I believe you can't name a variable with the name of a javascript function. – gines capote Aug 05 '13 at 15:21

5 Answers5

2

You may consider creating a parser specific to your use case. This will limit the power of eval to exclusively your intended behavior, for example, the following limits the code to execution of a global function.

var parse_vals = function(expr) {
    if( expr.match(/^['"][^'"]+['"]$/) ) {
        // parse a string literal
        return expr.substr(1, expr.length - 2);
    } else if( !isNaN(parseInt(expr)) ) {
        // parse a number
        return parseInt(expr);
    } else {
        // fail in parsing literal
        return null;
    }
};
var alert_str = "alert('Hello World!')",
    comps = alert_str.match(/^([^(]+)\(([^)]+)\)$/);
    // => ["alert(...)", "alert", "'Hello World!'"]
if( comps ) {
    // apply a global function to the provided arguments, parsed.
    // all values thus need to be literals, no variable access.
    window[comps[1]].apply(window, comps[2].split(/,\s?/).map(parse_vals));
} else {
    alert("Invalid code provided.");
}

As others have stated, eval is unsafe and should be used with caution if used at all. Hence, a use-case-specific parser is a much better solution. More importantly, the power of a full-blown child evaluator is going to be overkill, no matter what. The components of the expression which will vary can be singled out and handled. If the entire string is variable, you are allowing an arbitrary program to be run, and so might as well include it as an independent script, e.g., <script src="data:...">.

matt3141
  • 4,303
  • 1
  • 19
  • 24
0

yes, there is:

var alert = "alert('Hello World!')";

eval(alert);

Evaluates JavaScript code represented as a string.

Here is the explanation and other uses of the eval() function.

This can lead to some unanticipated problems since you are executing some arbitrary string as javascript code. If you explained why you need to do what you're doing maybe there's a safer alternative.

pythonian29033
  • 5,148
  • 5
  • 31
  • 56
hunter
  • 62,308
  • 19
  • 113
  • 113
  • For the sake of those stumbling across this answer, it should be noted that an interpreter specific to your use-case is almost always a superior route. – matt3141 Aug 05 '13 at 15:33
0

You can use evalbut it's highly discouraged!

var alert = "alert('This is evil');"
eval(alert);
fiskeben
  • 3,395
  • 4
  • 31
  • 35
0

You are looking for eval. You want to be carefull thou, this might create some security risks.

You might want to read this eval() isn’t evil, just misunderstood

var alert = "alert('Hello World!')"; 
eval( alert );

An better method could be something like this:

<script src="pretendToBeJavascript.php"></script>

// pretendToBeJavascript.php contents:
header('Content-type: text/javascript');
echo "alert('Hello World!')";
Martijn
  • 15,791
  • 4
  • 36
  • 68
  • 2
    To the downvoter of all answers, why? All answers are correct. Maybe not recommended, but most of them note that. – Martijn Aug 05 '13 at 15:25
-1

There is any possible solution:

var alert = "alert('Hello World!')";
eval(alert );

Make sure, that eval is evil @Frits van Campen

When is JavaScript's eval() not evil?

Community
  • 1
  • 1
m1k1o
  • 2,344
  • 16
  • 27