View Full Version : Executing PHP from MYSQL DB Problem

07-04-2005, 12:31 AM
Hi guys.

I have a variable that contains this:

print "HELLO THERE";

alert ("HI!");

Right now I have it being turned into this:

print "<P>";
print \"HELLO THERE\";
print " </P>
<script language=\"javascript\">
alert (\"HI!\"); </script>";

What I need is for the quotations between the original [php-] and [/php-] to not be escaped. I used addslashes to escape the variable in the first place to fix the quotes outside of the php tags.

I am using this so I can store php code inside of pages, that will be executed using exec when the page is being displayed.

If anyone could tell me how to fix this, or has an alternate way of doing this, please let me know.

Thanks a lot.

07-04-2005, 01:08 AM
just store the code as a string and use the eval (http://www.php.net/eval) fucntion.

07-04-2005, 01:33 AM
Thats what I'm doing, but I have html and PHP code stored in the the database together in 1 record.

I need the non php code to have escaped quotations, and the php code to not be escaped.

Thats what my problem is.

07-05-2005, 06:35 AM
Well, I got around my problem. Its not the best way, but it will do. If anybody can improve upon it, go ahead.

while ($start = strpos($cont, "[php-]", $end))
$end = strpos($cont, "[/php-]");

if ($end === false)
$end = strlen($cont);

$temp = substr($cont, $start, $end);
$temp2 = stripslashes($temp);

$cont = str_replace($temp, $temp2, $cont);
print htmlentities($temp2) . "<br /><br />";

It just searches for a [php-] tag, and if it finds one, then searchs for a [/php-] tag. Then it strips the slashes from that section of the string, and switches the updated version of the string with the old version.