Jpoel Posted May 15, 2008 Share Posted May 15, 2008 Ok basically. this is what i have. I want the user to be able to enter PHP code in the box, click the button, and have it executed. Ive thought of one solution, Which is to save what the user types to a text file held on my server, and then use the include function to run the php code.. and this is what i came up with: $script = $_POST['script']; if($script){ $myFile = "ScriptHook.hk"; $fh = fopen($myFile, 'w') or die("can't open file"); fwrite($fh, $script); fclose($fh); include 'ScriptHook.hk'; } But i get loads of errors like this: Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\xampplite\htdocs\Pickle\ScriptHook.hk on line 2 Parse error: syntax error, unexpected $end in C:\xampplite\htdocs\Pickle\ScriptHook.hk on line 17 Thats because when my scripts writes to ScriptHook.hk.. it changes all the " to \", rendering the script unexecutable. Anyone know how i could do this? Cheers. Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/ Share on other sites More sharing options...
RichardRotterdam Posted May 15, 2008 Share Posted May 15, 2008 Yikes... you sure you wanna do that cos thats an excellent why to break into a computer Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541679 Share on other sites More sharing options...
Jpoel Posted May 15, 2008 Author Share Posted May 15, 2008 Im sure it is. but im the only one to be using this script. Plus im going to be running it on my Xampplite server too, not anything public Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541682 Share on other sites More sharing options...
MadTechie Posted May 15, 2008 Share Posted May 15, 2008 try this <?php eval($_POST['script']); ?> Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541688 Share on other sites More sharing options...
Jpoel Posted May 15, 2008 Author Share Posted May 15, 2008 Doesnt work. :-X Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541696 Share on other sites More sharing options...
MadTechie Posted May 15, 2008 Share Posted May 15, 2008 works fine for me <?php if(!empty($_POST['script'])) eval($_POST['script']); ?> <form method="POST"> <input name="script" type="text" value="echo 'Hello World';"> <button type="submit">Run</button> </form> Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541700 Share on other sites More sharing options...
Jpoel Posted May 15, 2008 Author Share Posted May 15, 2008 works fine for me <?php if(!empty($_POST['script'])) eval($_POST['script']); ?> <form method="POST"> <input name="script" type="text" value="echo 'Hello World';"> <button type="submit">Run</button> </form> I get this when i copy and paste that code you have just given into a php script and run it. Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\xampplite\htdocs\Pickle\runit.php(2) : eval()'d code on line 1 Warning: Unexpected character in input: ''' (ASCII=39) state=1 in C:\xampplite\htdocs\Pickle\runit.php(2) : eval()'d code on line 1 Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in C:\xampplite\htdocs\Pickle\runit.php(2) : eval()'d code on line 1 Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541703 Share on other sites More sharing options...
MadTechie Posted May 15, 2008 Share Posted May 15, 2008 ahhh MagicQuotes (hate them) Heres a fix, to work with and without magic quotes <?php if(!empty($_POST['script'])) { $script = (get_magic_quotes_gpc())?stripslashes($_POST['script']):$_POST['script']; eval($script); } ?> <form method="POST"> <input name="script" type="text" value="echo 'Hello World';"> <button type="submit">Run</button> </form> Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541706 Share on other sites More sharing options...
Jpoel Posted May 15, 2008 Author Share Posted May 15, 2008 ahhh MagicQuotes (hate them) Heres a fix, to work with and without magic quotes <?php if(!empty($_POST['script'])) { $script = (get_magic_quotes_gpc())?stripslashes($_POST['script']):$_POST['script']; eval($script); } ?> <form method="POST"> <input name="script" type="text" value="echo 'Hello World';"> <button type="submit">Run</button> </form> Hey, thanks allot man it works now! Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541718 Share on other sites More sharing options...
MadTechie Posted May 15, 2008 Share Posted May 15, 2008 if done can you click solved please as a note to fix your code (writing the file) add $script = (get_magic_quotes_gpc())?stripslashes($_POST['script']):$_POST['script']; before the write fwrite($fh, $script); Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541721 Share on other sites More sharing options...
redarrow Posted May 15, 2008 Share Posted May 15, 2008 eval <<<<< be carefull Read about it........... Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541722 Share on other sites More sharing options...
Jpoel Posted May 15, 2008 Author Share Posted May 15, 2008 if done can you click solved please as a note to fix your code (writing the file) add $script = (get_magic_quotes_gpc())?stripslashes($_POST['script']):$_POST['script']; before the write fwrite($fh, $script); I was only going to write to the file because i knew i could use the include function to run the php But your way works fine (Y) Cheers. Link to comment https://forums.phpfreaks.com/topic/105723-solved-running-custom-php-lines/#findComment-541971 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.