From 8662f6f9e77eb2b6a353d47e6f87a9d0725dde38 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Fri, 3 Oct 2025 23:43:59 -0400
Subject: [PATCH 01/11] POC Safe eval of .page files

---
 .../dynamix.docker.manager/AddContainer.page  |  1 +
 .../dynamix/include/DefaultPageLayout.php     | 27 +++++++++-----
 .../DefaultPageLayout/MainContentTabbed.php   | 18 ++++++++--
 .../DefaultPageLayout/MainContentTabless.php  | 10 +++++-
 .../include/DefaultPageLayout/evalContent.php | 35 +++++++++++++++++++
 5 files changed, 79 insertions(+), 12 deletions(-)
 mode change 100644 => 100755 emhttp/plugins/dynamix.docker.manager/AddContainer.page
 mode change 100644 => 100755 emhttp/plugins/dynamix/include/DefaultPageLayout.php
 mode change 100644 => 100755 emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabbed.php
 mode change 100644 => 100755 emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabless.php
 create mode 100755 emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php

diff --git a/emhttp/plugins/dynamix.docker.manager/AddContainer.page b/emhttp/plugins/dynamix.docker.manager/AddContainer.page
old mode 100644
new mode 100755
index e0d6efbbe..6a4b65895
--- a/emhttp/plugins/dynamix.docker.manager/AddContainer.page
+++ b/emhttp/plugins/dynamix.docker.manager/AddContainer.page
@@ -1,6 +1,7 @@
 Title="Add Container"
 Cond="(pgrep('dockerd')!==false)"
 Markdown="false"
+Eval="true"
 ---
 <?PHP
 /* Copyright 2005-2023, Lime Technology
diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout.php b/emhttp/plugins/dynamix/include/DefaultPageLayout.php
old mode 100644
new mode 100755
index cc5e088a4..dd7070b5d
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout.php
@@ -78,6 +78,7 @@ if (count($pages)) {
         @unlink($nchan_pid);
     }
 }
+
 ?>
 <!DOCTYPE html>
 <html <?= $display['rtl'] ?>lang="<?= strtok($locale, '_') ?: 'en' ?>" class="<?= $themeHelper->getThemeHtmlClass() ?>">
@@ -132,22 +133,30 @@ if (count($pages)) {
 
   <?php require_once "$docroot/webGui/include/DefaultPageLayout/HeadInlineJS.php"; ?>
   <?php
-  foreach ($buttonPages as $button) {
-      annotate($button['file']);
-      includePageStylesheets($button);
-      eval('?>' . parse_text($button['text']));
-  }
+    foreach ($buttonPages as $button) {
+        annotate($button['file']);
+        includePageStylesheets($button);
+        $evalContent = '?>' . parse_text($button['text']);
+        $evalFile = $button['file'];
+        if ( filter_var($button['Eval']??false, FILTER_VALIDATE_BOOLEAN) ) {
+            eval($evalContent);
+        } else {
+            include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
+        }
+    }
+ 
 
-foreach ($pages as $page) {
-    annotate($page['file']);
-    includePageStylesheets($page);
-}
+    foreach ($pages as $page) {
+        annotate($page['file']);
+        includePageStylesheets($page);
+    }
 ?>
 
   <?php include "$docroot/plugins/dynamix.my.servers/include/myservers1.php" ?>
 </head>
 
 <body>
+<unraid-modals></unraid-modals>
   <?php include "$docroot/webGui/include/DefaultPageLayout/MiscElementsTop.php"; ?>
   <?php include "$docroot/webGui/include/DefaultPageLayout/Header.php"; ?>
   <?php include "$docroot/webGui/include/DefaultPageLayout/Navigation/Main.php"; ?>
diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabbed.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabbed.php
old mode 100644
new mode 100755
index 7f251740e..f8f982341
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabbed.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabbed.php
@@ -43,7 +43,13 @@
                 if (isset($page['text'])) {
                     $skipIndexIncrement = true;
                     annotate($page['file']);
-                    eval('?>'.generateContent($page));
+                    $evalContent = '?>'.generateContent($page);
+                    $evalFile = $page['file'];
+                    if ( filter_var($page['Eval']??false, FILTER_VALIDATE_BOOLEAN) ) {
+                        eval($evalContent);
+                    } else {    
+                        include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
+                    }
                 }
                 continue;
             }
@@ -60,7 +66,15 @@
         >
             <?= generatePanels($page, $path, $defaultIcon, $docroot) ?>
 
-            <? eval('?>'.generateContent($page)); ?>
+            <? 
+            $evalContent = '?>'.generateContent($page);
+            $evalFile = $page['file'];
+            if ( filter_var($page['Eval']??false, FILTER_VALIDATE_BOOLEAN) ) {
+                eval($evalContent);
+            } else {
+                include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
+            }
+            ?>
         </section>
         <?
             if ($skipIndexIncrement) {
diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabless.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabless.php
old mode 100644
new mode 100755
index 5290dfcd7..1c035b574
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabless.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/MainContentTabless.php
@@ -19,7 +19,15 @@
 
             <?= generatePanels($page, $path, $defaultIcon, $docroot, true) ?>
 
-            <? eval('?>'.generateContent($page)); ?>
+            <? 
+            $evalContent = '?>'.generateContent($page);
+            $evalFile = $page['file'];
+            if ( filter_var($page['Eval']??false, FILTER_VALIDATE_BOOLEAN) ) {
+                eval($evalContent);
+            } else {
+                include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
+            }
+            ?>
         <? endforeach; ?>
     </div>
 </div>
diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
new file mode 100755
index 000000000..8badcb43e
--- /dev/null
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -0,0 +1,35 @@
+<?php
+// This evaluates the contents of PHP code.  Has to be "included" because the code is evaluated in the context of the calling page.
+// $evalContent is the PHP code to evaluate.
+// $evalFile is the file that the code is being evaluated in
+// If an error occurs, a banner warning (disappearing in 10 seconds) is added to the page.
+// The PHP error logged will also include the path of the .page file for easier debugging
+ob_start();
+try {
+    set_error_handler(function($severity, $message, $file, $line) {
+        throw new ErrorException($message, 0, $severity, $file, $line);
+    });
+    eval($evalContent);
+    restore_error_handler();
+    ob_end_flush();
+} catch (Throwable $e) {
+    restore_error_handler();
+    error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
+    ob_clean();
+    echo "
+        <script>
+        $(function() {
+            try {
+                console.log('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.');
+                let phpErrorBanner = addBannerWarning('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.',true,true);
+                setTimeout(function() {
+                    removeBannerWarning(phpErrorBanner);
+                }, 10000);
+            } catch (e) {
+                console.error('Failed to add banner warning: ' + e);
+            }
+        });
+        </script>";
+    ob_end_flush();   
+}
+?>      
\ No newline at end of file

From 7109522c783e0f4624cc5560f0407f016c7ab148 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Sat, 4 Oct 2025 00:42:32 -0400
Subject: [PATCH 02/11] Allow PHP warnings to execute code

---
 .../include/DefaultPageLayout/evalContent.php | 53 ++++++++++---------
 1 file changed, 29 insertions(+), 24 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index 8badcb43e..72af32361 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -6,30 +6,35 @@
 // The PHP error logged will also include the path of the .page file for easier debugging
 ob_start();
 try {
-    set_error_handler(function($severity, $message, $file, $line) {
-        throw new ErrorException($message, 0, $severity, $file, $line);
-    });
-    eval($evalContent);
-    restore_error_handler();
-    ob_end_flush();
-} catch (Throwable $e) {
-    restore_error_handler();
-    error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
-    ob_clean();
-    echo "
-        <script>
-        $(function() {
-            try {
-                console.log('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.');
-                let phpErrorBanner = addBannerWarning('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.',true,true);
-                setTimeout(function() {
-                    removeBannerWarning(phpErrorBanner);
-                }, 10000);
-            } catch (e) {
-                console.error('Failed to add banner warning: ' + e);
+        set_error_handler(function($severity, $message, $file, $line) {
+            // Only convert errors (not warnings, notices, etc.) to exceptions
+            if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
+                throw new ErrorException($message, 0, $severity, $file, $line);
             }
+            // Let warnings and notices be handled normally
+            return false;
         });
-        </script>";
-    ob_end_flush();   
-}
+        eval($evalContent);
+        restore_error_handler();
+        ob_end_flush();
+    } catch (Throwable $e) {
+        restore_error_handler();
+        error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
+        ob_clean();
+        echo "
+            <script>
+            $(function() {
+                try {
+                    console.log('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.');
+                    let phpErrorBanner = addBannerWarning('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.',true,true);
+                    setTimeout(function() {
+                        removeBannerWarning(phpErrorBanner);
+                    }, 3000);
+                } catch (e) {
+                    console.error('Failed to add banner warning: ' + e);
+                }
+            });
+            </script>";
+        ob_end_flush();   
+    }
 ?>      
\ No newline at end of file

From 9608ba63ac7a41d437ad5be51d605777d3aa722f Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Sat, 4 Oct 2025 01:19:29 -0400
Subject: [PATCH 03/11] Remove line added by connect

---
 emhttp/plugins/dynamix/include/DefaultPageLayout.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout.php b/emhttp/plugins/dynamix/include/DefaultPageLayout.php
index dd7070b5d..985faaeac 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout.php
@@ -156,7 +156,6 @@ if (count($pages)) {
 </head>
 
 <body>
-<unraid-modals></unraid-modals>
   <?php include "$docroot/webGui/include/DefaultPageLayout/MiscElementsTop.php"; ?>
   <?php include "$docroot/webGui/include/DefaultPageLayout/Header.php"; ?>
   <?php include "$docroot/webGui/include/DefaultPageLayout/Navigation/Main.php"; ?>
@@ -167,4 +166,4 @@ if (count($pages)) {
   <?php include "$docroot/webGui/include/DefaultPageLayout/ToastSetup.php"; ?>
 </body>
 
-</html>
\ No newline at end of file
+</html>

From 61e3b269265af665e10fcf6c187bbc8823b4d646 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Sat, 4 Oct 2025 03:07:54 -0400
Subject: [PATCH 04/11] Protect from errors in Cond

---
 emhttp/plugins/dynamix/include/PageBuilder.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 emhttp/plugins/dynamix/include/PageBuilder.php

diff --git a/emhttp/plugins/dynamix/include/PageBuilder.php b/emhttp/plugins/dynamix/include/PageBuilder.php
old mode 100644
new mode 100755
index 2f2a82ac6..9267a2e10
--- a/emhttp/plugins/dynamix/include/PageBuilder.php
+++ b/emhttp/plugins/dynamix/include/PageBuilder.php
@@ -44,9 +44,15 @@ function build_pages($pattern) {
 
 function page_enabled(&$page)
 {
-  global $var,$disks,$devs,$users,$shares,$sec,$sec_nfs,$name,$display,$pool_devices;
+  global $docroot,$var,$disks,$devs,$users,$shares,$sec,$sec_nfs,$name,$display,$pool_devices;
   $enabled = true;
-  if (isset($page['Cond'])) eval("\$enabled={$page['Cond']};");
+  if (isset($page['Cond'])) {
+    $enabled = false;
+    $evalContent= "\$enabled={$page['Cond']};";
+    $evalFile = $page['file'];
+    $evalNoBanner = true;
+    include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
+  }
   return $enabled;
 }
 

From 906e86e46c1ad43298c1d38a6122b38f479b8948 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Sat, 4 Oct 2025 03:16:56 -0400
Subject: [PATCH 05/11] Update evalContent.php

---
 .../include/DefaultPageLayout/evalContent.php | 39 +++++++++++--------
 1 file changed, 23 insertions(+), 16 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index 72af32361..bb83adb29 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -6,21 +6,26 @@
 // The PHP error logged will also include the path of the .page file for easier debugging
 ob_start();
 try {
-        set_error_handler(function($severity, $message, $file, $line) {
-            // Only convert errors (not warnings, notices, etc.) to exceptions
-            if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
-                throw new ErrorException($message, 0, $severity, $file, $line);
-            }
-            // Let warnings and notices be handled normally
-            return false;
-        });
-        eval($evalContent);
-        restore_error_handler();
-        ob_end_flush();
-    } catch (Throwable $e) {
-        restore_error_handler();
-        error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
-        ob_clean();
+    set_error_handler(function($severity, $message, $file, $line) {
+        global $evalFile;
+        // Only convert errors (not warnings, notices, etc.) to exceptions
+        if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
+            throw new ErrorException($message, 0, $severity, $file, $line);
+        } else {
+            error_log("PHP Warning/notice in $evalFile");
+        }
+        // Let warnings and notices be handled normally
+        return false;
+    });
+    eval($evalContent);
+    restore_error_handler();
+    ob_end_flush();
+} catch (Throwable $e) {
+    restore_error_handler();
+    error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
+    ob_clean();
+
+    if ( ! ($evalNoBanner??false) ) {
         echo "
             <script>
             $(function() {
@@ -35,6 +40,8 @@ try {
                 }
             });
             </script>";
-        ob_end_flush();   
     }
+    ob_end_flush();   
+}
+$evalNoBanner = false; // reset the variable
 ?>      
\ No newline at end of file

From 3d3edef2b7464c527ad11e7d4350b8920e0a32a2 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Tue, 7 Oct 2025 10:45:31 -0400
Subject: [PATCH 06/11] Simplification

---
 .../include/DefaultPageLayout/evalContent.php | 26 ++++---------------
 .../plugins/dynamix/include/PageBuilder.php   |  6 ++---
 2 files changed, 7 insertions(+), 25 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index bb83adb29..59149fe57 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -4,10 +4,11 @@
 // $evalFile is the file that the code is being evaluated in
 // If an error occurs, a banner warning (disappearing in 10 seconds) is added to the page.
 // The PHP error logged will also include the path of the .page file for easier debugging
+
+$evalSuccess = false;
 ob_start();
 try {
-    set_error_handler(function($severity, $message, $file, $line) {
-        global $evalFile;
+    set_error_handler(function($severity, $message, $file, $line) use ($evalFile) {
         // Only convert errors (not warnings, notices, etc.) to exceptions
         if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
             throw new ErrorException($message, 0, $severity, $file, $line);
@@ -19,29 +20,12 @@ try {
     });
     eval($evalContent);
     restore_error_handler();
+    $evalSuccess = true;
     ob_end_flush();
 } catch (Throwable $e) {
     restore_error_handler();
-    error_log("Error evaluating content in $evalFile: " . $e->getMessage() . "\nStack trace:\n" . $e->getTraceAsString());
+    error_log("Error evaluating content in $evalFile): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
     ob_clean();
-
-    if ( ! ($evalNoBanner??false) ) {
-        echo "
-            <script>
-            $(function() {
-                try {
-                    console.log('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.');
-                    let phpErrorBanner = addBannerWarning('Fatal error in ".htmlspecialchars($evalFile)."  Code not executed.',true,true);
-                    setTimeout(function() {
-                        removeBannerWarning(phpErrorBanner);
-                    }, 3000);
-                } catch (e) {
-                    console.error('Failed to add banner warning: ' + e);
-                }
-            });
-            </script>";
-    }
     ob_end_flush();   
 }
-$evalNoBanner = false; // reset the variable
 ?>      
\ No newline at end of file
diff --git a/emhttp/plugins/dynamix/include/PageBuilder.php b/emhttp/plugins/dynamix/include/PageBuilder.php
index 9267a2e10..5dcc05d9e 100755
--- a/emhttp/plugins/dynamix/include/PageBuilder.php
+++ b/emhttp/plugins/dynamix/include/PageBuilder.php
@@ -45,15 +45,13 @@ function build_pages($pattern) {
 function page_enabled(&$page)
 {
   global $docroot,$var,$disks,$devs,$users,$shares,$sec,$sec_nfs,$name,$display,$pool_devices;
-  $enabled = true;
+  $enabled = $evalSuccess = true;
   if (isset($page['Cond'])) {
-    $enabled = false;
     $evalContent= "\$enabled={$page['Cond']};";
     $evalFile = $page['file'];
-    $evalNoBanner = true;
     include "$docroot/webGui/include/DefaultPageLayout/evalContent.php";
   }
-  return $enabled;
+  return ($enabled && $evalSuccess);
 }
 
 function find_pages($item) {

From 392a014fb884778a639391cbb9ad45eca03f1eae Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Wed, 8 Oct 2025 16:36:23 -0400
Subject: [PATCH 07/11] Re-add error in console

---
 .../plugins/dynamix/include/DefaultPageLayout/evalContent.php   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index 59149fe57..8762efc61 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -26,6 +26,8 @@ try {
     restore_error_handler();
     error_log("Error evaluating content in $evalFile): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
     ob_clean();
+    echo "<script>console.error('".htmlspecialchars("Error evaluating content in $evalFile: ".$e->getMessage())."');</script>";
     ob_end_flush();   
 }
+
 ?>      
\ No newline at end of file

From 8fa55ad2dba8e41bcb5bbdec6bca3a3058cfed67 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Wed, 8 Oct 2025 19:21:17 -0400
Subject: [PATCH 08/11] Update evalContent.php

---
 .../include/DefaultPageLayout/evalContent.php | 49 ++++++++++---------
 1 file changed, 27 insertions(+), 22 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index 8762efc61..f3d12680d 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -6,28 +6,33 @@
 // The PHP error logged will also include the path of the .page file for easier debugging
 
 $evalSuccess = false;
-ob_start();
-try {
-    set_error_handler(function($severity, $message, $file, $line) use ($evalFile) {
-        // Only convert errors (not warnings, notices, etc.) to exceptions
-        if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
-            throw new ErrorException($message, 0, $severity, $file, $line);
-        } else {
-            error_log("PHP Warning/notice in $evalFile");
-        }
-        // Let warnings and notices be handled normally
-        return false;
-    });
-    eval($evalContent);
-    restore_error_handler();
-    $evalSuccess = true;
-    ob_end_flush();
-} catch (Throwable $e) {
-    restore_error_handler();
-    error_log("Error evaluating content in $evalFile): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
-    ob_clean();
-    echo "<script>console.error('".htmlspecialchars("Error evaluating content in $evalFile: ".$e->getMessage())."');</script>";
-    ob_end_flush();   
+$evalFile = $evalFile ?? "Unknown";
+if ( ! ($evalContent ?? false) ) {
+  error_log("No evalContent within $evalFile");
+  return;
 }
 
+ob_start();
+try {
+  set_error_handler(function($severity, $message, $file, $line) use ($evalFile) {
+    // Only convert errors (not warnings, notices, etc.) to exceptions
+    if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
+      throw new ErrorException($message, 0, $severity, $file, $line);
+    } else {
+      error_log("PHP Warning/notice in $evalFile");
+    }
+    // Let warnings and notices be handled normally
+    return false;
+  });
+  eval($evalContent);
+  restore_error_handler();
+  $evalSuccess = true;
+  ob_end_flush();
+} catch (Throwable $e) {
+  restore_error_handler();
+  error_log("Error evaluating content in $evalFile): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
+  ob_clean();
+  echo "<script>console.error('".htmlspecialchars("Error evaluating content in $evalFile: ".$e->getMessage())."');</script>";
+  ob_end_flush();   
+}
 ?>      
\ No newline at end of file

From 31e41003877ab36572fd05a36912a7777a03750f Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Thu, 9 Oct 2025 16:41:39 -0400
Subject: [PATCH 09/11] Don't log silenced PHP warnings

---
 .../include/DefaultPageLayout/evalContent.php    | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index f3d12680d..25507f35f 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -15,11 +15,18 @@ if ( ! ($evalContent ?? false) ) {
 ob_start();
 try {
   set_error_handler(function($severity, $message, $file, $line) use ($evalFile) {
-    // Only convert errors (not warnings, notices, etc.) to exceptions
-    if ($severity & (E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR)) {
+    // If error was suppressed with @, error_reporting will be 0
+    if (!(error_reporting() & $severity)) {
+      return true;
+    }
+    // Only convert fatal errors to exceptions
+    $fatalErrors = E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR;
+    if ($severity & $fatalErrors) {
+      error_log("PHP Fatal Error (Severity: $severity) in $evalFile: $message");
       throw new ErrorException($message, 0, $severity, $file, $line);
     } else {
-      error_log("PHP Warning/notice in $evalFile");
+      // Log non-fatal errors with evalFile context
+      error_log("PHP Error (Severity: $severity) in $evalFile: $message at $file:$line");
     }
     // Let warnings and notices be handled normally
     return false;
@@ -30,7 +37,8 @@ try {
   ob_end_flush();
 } catch (Throwable $e) {
   restore_error_handler();
-  error_log("Error evaluating content in $evalFile): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
+  $severity = ($e instanceof ErrorException) ? $e->getSeverity() : 'N/A';
+  error_log("Error evaluating content in $evalFile (severity: $severity): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
   ob_clean();
   echo "<script>console.error('".htmlspecialchars("Error evaluating content in $evalFile: ".$e->getMessage())."');</script>";
   ob_end_flush();   

From de8974f6da5794e5c28595d694bc8a612c8bdbd1 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Thu, 9 Oct 2025 17:26:30 -0400
Subject: [PATCH 10/11] Protect parsing headers of .page file

Simple protection -> assigns default in case of an error
---
 emhttp/plugins/dynamix/include/PageBuilder.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/emhttp/plugins/dynamix/include/PageBuilder.php b/emhttp/plugins/dynamix/include/PageBuilder.php
index 5dcc05d9e..32cb0b68a 100755
--- a/emhttp/plugins/dynamix/include/PageBuilder.php
+++ b/emhttp/plugins/dynamix/include/PageBuilder.php
@@ -18,7 +18,11 @@ function get_ini_key($key,$default) {
   $x = strpos($key, '[');
   $var = $x>0 ? substr($key,1,$x-1) : substr($key,1);
   global $$var;
-  eval("\$var=$key;");
+  try {
+    eval("\$var=$key;");
+  } catch (Throwable $e) {
+    return $default;
+  }
   return $var ?: $default;
 }
 

From f053ef52e613d7c1a5fcbd30d7eb30d596ba0176 Mon Sep 17 00:00:00 2001
From: Squidly271 <unraidsquid@gmail.com>
Date: Thu, 9 Oct 2025 17:47:46 -0400
Subject: [PATCH 11/11] Coderabbit changes

---
 .../dynamix/include/DefaultPageLayout/evalContent.php        | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
index 25507f35f..733243c8d 100755
--- a/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
+++ b/emhttp/plugins/dynamix/include/DefaultPageLayout/evalContent.php
@@ -2,7 +2,7 @@
 // This evaluates the contents of PHP code.  Has to be "included" because the code is evaluated in the context of the calling page.
 // $evalContent is the PHP code to evaluate.
 // $evalFile is the file that the code is being evaluated in
-// If an error occurs, a banner warning (disappearing in 10 seconds) is added to the page.
+// Errors will be logged in the console and the php error log
 // The PHP error logged will also include the path of the .page file for easier debugging
 
 $evalSuccess = false;
@@ -40,7 +40,8 @@ try {
   $severity = ($e instanceof ErrorException) ? $e->getSeverity() : 'N/A';
   error_log("Error evaluating content in $evalFile (severity: $severity): ".$e->getMessage()."\nStack trace:\n".$e->getTraceAsString());
   ob_clean();
-  echo "<script>console.error('".htmlspecialchars("Error evaluating content in $evalFile: ".$e->getMessage())."');</script>";
+  $errorMessage = "Error evaluating content in $evalFile: ".$e->getMessage();
+  echo "<script>console.error(".json_encode($errorMessage).");</script>";
   ob_end_flush();   
 }
 ?>      
\ No newline at end of file