Storing php code in mysql :: fetching and parsing question

Forum Moderators: coopster

Message Too Old, No Replies

woemlavy

10:10 pm on Dec 9, 2004 (gmt 0)

I have some simple HTML code stored in a MySQL table. Within that HTML code I have a variable that is waiting to be defined. I am able to fetch and display this HTML code, but the variable is not being defined.

Here is the page that calls on MySQL.

<?
//Connect to the Mysql Server and select the database
$username="##";
$password="##";
$database="##";
mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

//Run a query
$query="SELECT cell.name FROM table WHERE id = '##'";
$result= @mysql_query ($query);

//Get the result
if ($result) {
echo '<table><tr><td>';
while ($row=mysql_fetch_row($result)) {
print "$row[0]";
</td></tr>';
}
echo '</table>';
}
?>

The code that is stored in MySQL:

Can someone help me out?

-Thanks,
Chris

jatar_k

10:36 pm on Dec 9, 2004 (gmt 0)

maybe instead of

print "$row[0]";

try

eval [php.net]($row[0]);

woemlavy

10:47 pm on Dec 9, 2004 (gmt 0)

testing....

woemlavy

11:32 pm on Dec 9, 2004 (gmt 0)

I tried this:

//Get the result
$row=mysql_fetch_row($result); {
eval($row[0]);
print "$row[0]";
}

and I recieved this error:

Parse error: parse error in c:development/test.php(145) : eval()'d code on line 1

Warboss Alex

10:47 am on Dec 10, 2004 (gmt 0)

Your stored code has a parse error! Check it.

woemlavy

4:17 pm on Dec 10, 2004 (gmt 0)

I am very new to all of this and I am having trouble. I want to pull a single record out of the database and then parse it before displaying.

Am I even on the right track with my current script?

Salsa

5:30 pm on Dec 10, 2004 (gmt 0)

Did you look at the link that Jatar gave you and follow Warboss' advice?

I'll warn you that eval isn't a function to cut your PHP teeth on. When you use it, it's crucial that the argument be valid PHP code. Try running this test to get the hang of it.

$_GET['id'] = 123; // first two lines are just to fake some values
$row[0] = '<a href=\"http://www.mySite.com/somepage.php?id=\"'.$_GET['id'].'\" target=\"_blank\">Added an anchor closing for testing.</a>';
eval("\$row[0] = \"$row[0]\";");
print $row[0]. "<br>\n";
print htmlspecialchars($row[0]). "<br>\n"; // see that 123 is in there

The value I've given to $row[0] is the kind of valid code that you'll be required to have in your database in order for eval to work. Getting it in there, however, is another matter.

I hope this helps.

Salsa

7:42 pm on Dec 10, 2004 (gmt 0)

Looking at this again, I should have transposed the first two lines of the code to make sure that id is being populated by eval. In the current test it is not, and I haven't (and am not going to) test whether it will work.

Something that no one has asked you, Woemlavy, is why are you doing this? My favorite quote from the php.net eval() page is:

If eval() is the answer, you're almost certainly asking the wrong question. -- Rasmus Lerdorf

Well, of course, I did have to test it, and this does work:

$row[0] = '<a href=\"http://www.mySite.com/somepage.php?id=$_GET[id]\" target=\"_blank\">Added an anchor closing for testing.</a>';
echo $row[0]. "<br>\n";
print htmlspecialchars($row[0]). "<br>\n";
$_GET['id'] = 123;
eval("\$row[0] = \"$row[0]\";");
print $row[0]. "<br>\n";
print htmlspecialchars($row[0]). "<br>\n"; /// see that 123 is in there