If all you want to allow is backreferences, all you need is 1 eval, something like (untested):

      my %backrefs;
      my( @backrefs ) = $with =~ /\$(\d+)/g;
      if ($modifiers =~ /g/) {
          $value =~ s/$this/
                        no strict 'refs';
                        @backrefs{@backrefs} = map { ${$_} } @backrefs
+;
                        my $ret = $with;
                        $ret =~ s'\$(\d+)'$backrefs{$1}'g;
                        undef %backrefs;
                        $ret; 
                    /ge;
      } else {
...
[download]

Interesting, I like that approach.

Although any time I put arbitary code in my example, it doesn't get run, even though I expected it to be. Whatever I put, other than variable names, just gets printed (other function calls, built-in function names, anything).

Remember that a variable interpolation can include a dereferencing or a subscript/key calculation. Try interpolating:

$foo{warn "GOTCHA"}
[download]

as an example.

-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.

...Whatever I put...

it has to be perl code that compiles, like $with = q|}; warn "\n# Hi" while 1; q{|; or $with = q|${warn "\n# hi" while 1}|;

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"

I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).

** The third rule of perl club is a statement of fact: pod is sexy.

I think some nasties could be concocted with unlink or rename.

I's not sure what you're doing with the nested quotations, s/$this/qq{qq{$with}}/gee. It seems like $with is all that's needed there to do what you want.

This strikes me as a dangerous thing, not easily untainted.

Added: Ah, now I see, the nested quotes isolate the replacement expression from actual execution. Nice!.

$ perl -e'$with=q(print "baz");$_="foobar";s/(foo)(bar)/qq(qq($with))/
+ee;print'
print "baz"$
[download]

Added again - Quote punctuation can be inserted with dire effects,

perl -e'$with=q/$2$1);print "baz";(/;$_="foobar";s/(foo)(bar)/qq(qq($w
+ith))/ee;print'
baz$
[download]

Unlink just gets printed.

$with on it's own doesn't work. The output is 1985. (2004 minus 9 minus 10). One qq{} does the same. Two qq{}'s gives the correct output.

As taken from another perlmonk's post.

s/$this/qq{qq{$with}}/eeg;
[download]

s{$this}{
  chop( my $r = eval "<<_END_\n$with\n_END_" );
  die $@ if $@;
  $r;
}eg;
[download]

Which *is* more resilient, but not bulletproof, as I've pointed out. It breaks if $with contains "\n_END_\n" or starts with "_END_\n".

It can be made safer by escaping this case.

print <<"_END_";
It works!
\_END_
It really does.
_END_
[download]

which prints:

It works!
_END_
It really does.

It works because apparently you can escape underscores with a backslash, and still have them as just a backslash. If you don't trust this perl feature — I can't say I've seen it documented anywhere, you might feel safer using something else as a delimiter, something that actually starts with a \W character, like "*END*".

print <<"*END*";
It works!
\*END*
It really does.
*END*
[download]

There isn't even a need to try and find something uniqueish. A plain "*" will do. The complete code can then become:

$with =~ s/^\*$/\\*/mg;
s{$this}{
  my $r = eval qq[<<"*"\n$with\n*\n];
  die $@ if $@;
  chop $r;
  $r;
}eg;
[download]

What you really should use is a &qquote function a la Data::Dumper. Such a function makes sure that the delimiter isn't in the input string.

ihb

Read argumentation in its context!