I know that eval is the function in PHP to execute PHP code from an input. Now I want to make a W3Schools like editor. What can I do to protect eval code that I get from POST variable.
$code = eval($_POST["phpusercode"]);
echo $code;
What I want to do is when a user will make a function like this
I want to give user the ability to write his own PHP code on my site without making my website vulnerable to some sort of hacking.