Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hello,
For a personal project, I'd like to work with dynamic formulas.
I explain you.
A user types a width and a height and the form calculates automatically the surface.
How does the application know what calculation to do ? The formula is somewhere in the database.
How ?
The admin will create a calculation type named "Surface", for this surface, he will create 2 variables : the height and the width.
In the database, this can be for example like this.
calculations
*name
*formula
variables
*name
*unit
*calculation
There will be the Surface calculation and 2 variables (height in meters, width in meters). The formula will be width * height (stored as a string in the database.
From these informations, I will display a form with the title (Surface) and the 2 input fields to type the height and the width.
To display the result, I need to evaluate the formula.
What do you suggest me ?
I have thought about 2 different ways.
First one
I thought about eval(), but it's risky, so I had a look on the web, the ExpressionLanguage class from Symfony looks interesting.
Do you know any equivalent for Laravel ? I have found this package.
https://packagist.org/packages/wuwx/laravel-expression-language
Second one
Or perhaps a way to evaluate an expression securely without any package ? I thought about parsing the formula to identify the variables, validate the values typed by the user and replace the variables by the typed values. And then evaluate the formula with eval().
For this idea, my question is : is there any risk using eval() if I validate correctly each typed value ?
But you have perhaps other suggestions ?
Thanks for your answer.
V
Laravel uses a bunch of symfony component already. You should be able to install it in laravel.
https://symfony.com/doc/current/components/expression_language.html#installation
But yes you can retrieve from a table as well to do formulas. You could also have different php scripts as well. Using a series of functions depending on the entered data. No different than calling a controller and a method.
May be something like this?
formulas
| id | name | calculation |
| 1 | surface | {{ width }} * {{ height }} |
route model binding the formulas.name
validate inputs
replace the calculation string with validated data
// just add a simple logic can make this dynamic based on the $validatedData
$calculation = str_replace([
'{{ width }}',
'{{ height }}',
], $validatedData->only(['width', 'height']), $model->calculation);
Define your input and output expectations.
Using your example:
formula: a*b=c
input: a, b
output: c
EX:
2*5=10
Where a=2. b=5
There is no need to go as far as using eval everything in your bones should suggest against it. Define your inputs and output, control the data flow with variables, handle exceptions and you're golden.
The tough part here is allowing admin to create the formula, that part needs to go through YOU. It is okay to require a dev to check that a new formula is working as expected.
Once you have defined these formulas with the inputs/output and tested to ensure consistent results, then the admins can use these formulas confidently and you wont need to waste your time trying to figure out what the disconnect is.
Please or to participate in this conversation.