Title: Unnecessary eval statements
Last modified: February 5, 2024

---

# Unnecessary eval statements

 *  Resolved [SiteBolts](https://wordpress.org/support/users/sitebolts/)
 * (@sitebolts)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/unnecessary-eval-statements/)
 * Hi there, I noticed that there are two files in your plugin that seem to contain
   an unnecessary eval statement.
 * The files in question are `/importExtensions/ImportHelpers.php` and `/importExtensions/
   CoreFieldsImport.php`
 * And the matching code for both of them is:
 *     ```wp-block-code
       @eval("return " . $matched_element . ";" );
       ```
   
 * I’m a bit confused about the way that line is written; it seems like it could
   just be replaced with a normal string concatenator and/or return statement without
   carrying any of the risks or performance hits of a dynamic eval statement.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Author [Smackcoders Inc.,](https://wordpress.org/support/users/smackcoders/)
 * (@smackcoders)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/unnecessary-eval-statements/#post-17400166)
 * Thank you for bringing this to our attention. We appreciate your feedback. We’ll
   carefully review the mentioned files and the eval statements you highlighted.
   We will check this with our technical team and update you within a couple of 
   days. We always aim to enhance our code for better readability, performance, 
   and security. If you have any further suggestions or specific recommendations,
   please feel free to share them. Your input is valuable to us as we continually
   strive to improve our plugin.
 *  Plugin Author [Smackcoders Inc.,](https://wordpress.org/support/users/smackcoders/)
 * (@smackcoders)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/unnecessary-eval-statements/#post-17408636)
 * We’ve thoroughly reviewed the files and the eval statements in question. After
   careful consideration, we’ve optimized the code to eliminate unnecessary eval
   functions and have added additional sanitization for improved performance and
   security. We’re pleased to inform you that these enhancements are included in
   our latest version 7.10.11. Upgrade the plugin and give it a try. We appreciate
   your vigilance and thank you for contributing to the ongoing improvement of our
   plugin. If you have any more insights or suggestions, please feel free to share
   them. Your feedback is invaluable to us. 🙂

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Unnecessary eval statements’ is closed to new replies.

 * ![](https://ps.w.org/wp-ultimate-csv-importer/assets/icon.svg?rev=3131703)
 * [WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress](https://wordpress.org/plugins/wp-ultimate-csv-importer/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-ultimate-csv-importer/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-ultimate-csv-importer/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-ultimate-csv-importer/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-ultimate-csv-importer/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-ultimate-csv-importer/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [Smackcoders Inc.,](https://wordpress.org/support/users/smackcoders/)
 * Last activity: [2 years, 3 months ago](https://wordpress.org/support/topic/unnecessary-eval-statements/#post-17408636)
 * Status: resolved