Do not use eval()
eval() is slow and prone to security threats, so its use is not recommended. The reasons are:
i) Code passed to eval() is executed with the privileges of the caller. So if the code passed in can be influenced by someone with malicious intent, malicious code ends up running on a user's machine with your website's privileges.
ii) Malicious code can see the scope in which eval() was called, which in turn may raise security threats.
iii) eval() has to invoke the JS interpreter, which makes it slow.
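Example of the eval() function:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /></head>
<body><script type="text/javascript">
// eval() parses the string and runs it as code; the variables become implicit globals
eval("language = 78; math = 89; science=90; document.write('Total marks : '+(language + math + science));");
</script></body>
</html>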
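Points i) and ii) above, shown with the same marks data, as an added example that is not part of the original page: the eval-based reader exposes a local variable to whatever string it is given, while the JSON.parse-based reader treats the string purely as data. The function names, the sessionToken variable and both sample inputs are constructed for illustration.

```javascript
// Constructed sample inputs (hypothetical values, not from the page).
const TRUSTED_INPUT = '{"language": 78, "math": 89, "science": 90}';
// A string supplied in place of marks data: just the name of a local variable.
const HOSTILE_INPUT = 'sessionToken';

// Risky: direct eval runs the string as code inside this function's scope,
// so the string can read anything the function can read.
function parseMarksWithEval(input) {
  const sessionToken = 'constructed-secret-123'; // a local the input should never see
  return eval('(' + input + ')');
}

// Safer: JSON.parse only builds data and never executes code.
// Validate the shape afterwards so only numeric marks are accepted.
function parseMarks(input) {
  let marks;
  try {
    marks = JSON.parse(input);
  } catch (e) {
    throw new TypeError('marks must be valid JSON');
  }
  if (marks === null || typeof marks !== 'object' || Array.isArray(marks)) {
    throw new TypeError('marks must be a JSON object');
  }
  for (const [subject, value] of Object.entries(marks)) {
    if (typeof value !== 'number' || !Number.isFinite(value)) {
      throw new TypeError('mark for ' + subject + ' is not a number');
    }
  }
  return marks;
}

// Sum the validated marks.
function totalMarks(marks) {
  return Object.values(marks).reduce((sum, value) => sum + value, 0);
}
```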