#!/usr/bin/perl -w
use stritct;

my $c1 = 'system("touch /tmp/test1.txt")';  
my $c2 = 'system("touch /tmp/test2.txt")';  

#used as string (Dangerous!!!)
eval $c1;

#used as block (ok)
eval {$c2};  # <- gives a useless use of private variable in void cont
+ext.
[download]

You can think of the two versions of eval as completely different 'functions' (although the block form is not a function - it's a flow control statement(?)). Perhaps they should actually have different names, because they do completely different things.

String eval takes a string, interpolates varibles, and executes the string as Perl code. You use this to delay the evaluation / parsing of whatevers in the string to run-time. It allows you to build Perl programs on the fly and run them. The reason it's dangerous is because the temptation is there to insert user input into the string, effectively allowing the user to execute arbitrary code.

Block eval doesn't have this issue because the code inside it is parsed at the same time as the rest of the code in the program. Therefore, user values can't be inserted into the code.

The primary use of block eval is to catch die / croak, etc. Again, this is another slightly strange naming issue in Perl - in this case, your program won't actually die, it just provides a way of exception handling (i.e. passing error information between levels of the application). In most other languages, the block eval is called 'try', and has a corresponding block called 'catch'. In Perl (5 at least, this changes in 6), the same functionality is achieved by eval{} / if ($@).

I suggest you read the eval POD for full details.

String eval takes a string, interpolates varibles, and executes the string as Perl code.

No, eval doesn't interpolate variables. If you say something like eval "$foo$bar", the "" results in a string with $foo and $bar interpolated into it, but that's nothing to do with eval.