
Is PHP's `eval` Function Ever Safe to Use?

Published on 2024-11-18

When (if Ever) is eval NOT Evil?

PHP's eval function is widely discouraged, and its usefulness in PHP 5.3 is debatable. Even with late static binding (LSB) and closures available, there are some conceivable use cases where eval may still be the preferred choice:

Evaluating Safe Expressions:
Eval can be used to evaluate numerical or other specific subsets of PHP code, such as simple mathematical expressions, without posing security risks, provided the input is verified to contain nothing outside that subset before it reaches eval.

Unit Testing:
Eval can simplify unit testing by dynamically generating code fragments to test specific scenarios or corner cases.

Interactive PHP Shell:
For interactive PHP environments like a shell or console, eval allows the user to execute arbitrary code on the fly.

Deserializing Trusted var_export Data:
Eval is necessary for deserializing PHP data that has been exported using the var_export function. Because the exported string is executed as code, this is appropriate only when the data is known to be trusted.

Some Template Languages:
Certain template languages, such as Smarty, rely on eval for dynamically executing and displaying code fragments in web applications.

Backdoors for Administrators or Hackers:
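Although not recommended, eval can be used to create backdoors or remote access points in web applications, enabling administrators or hackers to bypass normal authentication mechanisms. For that reason, an eval call that receives request data is worth flagging in any code review or file-integrity scan.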

Compatibility with Pre-PHP 5.3:
Code written for earlier PHP versions may still require the use of eval for certain features or functions, providing backward compatibility.

Syntax Checking (Caution Advised):
While potentially unsafe, eval can be used for basic syntax checking by attempting to execute code and capturing any runtime errors. Because the code is actually executed, this approach is not suitable for untrusted input, and it does not guarantee complete syntax validation.
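
For the "Evaluating Safe Expressions" case above, the following is an added example, not code from the original page: it lets eval see an expression only after PHP's own tokenizer confirms that every token is a number, an arithmetic operator, or a parenthesis. The helper name `safe_arithmetic`, the 200-byte length limit, and the sample inputs are assumptions made for illustration, and the code assumes PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Added example. safe_arithmetic() is a hypothetical helper, not a PHP built-in.
// Assumes PHP 8.0+ (union types; eval() failures surface as Throwable).
function safe_arithmetic(string $expr): int|float
{
    if ($expr === '' || strlen($expr) > 200) {
        throw new InvalidArgumentException('empty or oversized expression');
    }

    // Tokenize with PHP's own lexer so the check sees what eval() will see.
    $tokens = token_get_all('<?php ' . $expr);
    array_shift($tokens); // drop the T_OPEN_TAG prepended above

    $allowedIds   = [T_LNUMBER, T_DNUMBER, T_WHITESPACE];
    $allowedChars = ['+', '-', '*', '/', '%', '(', ')'];

    foreach ($tokens as $tok) {
        $ok = is_array($tok)
            ? in_array($tok[0], $allowedIds, true)
            : in_array($tok, $allowedChars, true);
        if (!$ok) {
            $text = is_array($tok) ? $tok[1] : $tok;
            throw new InvalidArgumentException("rejected token: {$text}");
        }
    }

    try {
        // Only numbers, arithmetic operators and parentheses reach this point.
        $value = eval('return ' . $expr . ';');
    } catch (Throwable $e) {
        // ParseError for malformed input, DivisionByZeroError for "1 / 0", etc.
        throw new InvalidArgumentException('invalid expression: ' . $e->getMessage());
    }
    if (!is_int($value) && !is_float($value)) {
        throw new InvalidArgumentException('expression did not produce a number');
    }
    return $value;
}

// Constructed sample inputs: two valid expressions, then inputs that must be rejected.
foreach (['(2 + 3) * 4', '10 / 4', '2 + strlen("x")', '1; echo 1', '1 / 0', '2 +'] as $input) {
    try {
        echo $input, ' => ', safe_arithmetic($input), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo $input, ' => ', $e->getMessage(), PHP_EOL;
    }
}
```

The allowlist is deliberately closed: identifiers, strings, variables, semicolons, comments, and closing tags all produce tokens outside it, so function calls and extra statements are rejected before eval runs.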
