Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New Coder
    Join Date
    Jan 2005
    Posts
    93
    Thanks
    4
    Thanked 0 Times in 0 Posts

    php code stored in the db

    Hello,

    I have some html stored in MySql and now I have to add some PHP to it. This code will be loaded from the db and should be executed. Is that feasible?

    Here is what is typically in the db:


    PHP Code:
    <div class="messages"
    if(
    $error){ 
        echo(
    '<span class="error">an error occured</span>'); 

    <
    p
    your messages... 
    </
    p
    </
    div

    And here is the file using the above code:


    PHP Code:
    //db connection etc. 

    <div class="container"
        echo(
    $row['content']); 
    </
    div
    In this exemple, $row['content'] is what is retrieved from the db (cf. first code exemple).

    Thanks in advance for your help

  • #2
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    I'd sugest you to find a different method than storing PHP code in the DB. Though if you really want to do it you'll have to use eval().
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #3
    Senior Coder
    Join Date
    Apr 2005
    Location
    Colorado, United States
    Posts
    1,208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    eval() can be a security nightmare...but if you really want to do it that way, thats how you would. I'd suggest just storing it on the filesystem...I did a website entirely from the database once (including logo)...it wasn't pretty.
    "$question = ( to() ) ? be() : ~be();"

  • #4
    New Coder
    Join Date
    Jan 2005
    Posts
    93
    Thanks
    4
    Thanked 0 Times in 0 Posts
    if I store html in a db, how can avoid storing php in the db?

  • #5
    Senior Coder
    Join Date
    Apr 2005
    Location
    Colorado, United States
    Posts
    1,208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You should store all of it out of the db, unless its just static content like a news article with HTML markup or something. If it has PHP weaved into it, store it in the filesystem.
    "$question = ( to() ) ? be() : ~be();"

  • #6
    Regular Coder Element's Avatar
    Join Date
    Jul 2004
    Location
    Lynnwood, Washington, US
    Posts
    855
    Thanks
    2
    Thanked 2 Times in 2 Posts
    The only safe way to use eval is if you define acceptable PHP and check to make sure the code in the string is acceptable before using eval().

  • #7
    New Coder
    Join Date
    Jan 2005
    Posts
    93
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Ok I'll check it out... But still, if I have a few if statements embedded in my html code, I thought that eval was a good solution.

    Exemple:

    PHP Code:
    <div>
        if(
    $error){
            echo(
    '<span class="error'>error</span>);
        }
        
    //content
    </div
    Is that risky and ugly to proceed like that?


  • #8
    Senior Coder
    Join Date
    Apr 2005
    Location
    Colorado, United States
    Posts
    1,208
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Just use .php pages. Eval() is needless.

    PHP Code:
    <div> 
    <?php
        
    if($error){ 
            echo(
    '<span class="error'>error</span>); 
        } 
    ?>
        //content 
    </div>
    However, all code must be enclosed in php tags, regardless if it is parsed as PHP or not. If you truly want to have .html extensions, you can just force .html pages to be run through the PHP interpreter so that the code in the section above would be run. In a .htaccess in the root web directory (usually /public_html) you'd put:

    Code:
    <Files *.html>
         ForceType application/x-httpd-php
    </Files>
    "$question = ( to() ) ? be() : ~be();"


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •