You could however theoretically use ini_set() and then declare your disabled functions such as mail(), mysql_connect() etc.
Also if you were to do that, be sure to disconnect from mysql before the eval() call and reconnect again after so that users can't run their own queries against your database.
Again it's only theoretical, you'd need to do some testing but its an idea I came up with as I have a requirement similar to yours for a project of mine thats still on the back burner.
My helpful sig has gone because a mod below the administrator gave me an infraction - despite the administrator personally agreeing to it.
If you need any php tips or tricks you can PM me.