Jump to content

[SOLVED] Conditions In Database


fanfavorite

Recommended Posts

I was wondering how I would convert a conditional statement that is in a database to an actual statement.  For example, the database is if $TestMode == "Yes".  If I do that in a statement like:

 

$q = mysql_query("SELECT FROM TestTable");

while ($f = mysql_fetch_array($q)) {

    if ($f[Condition]) {

          echo 'Condition Passed';

    }

}

 

This will not work however, as I believe it is reading it as a full string, rather than a condition.  My workaround right now is to strip out the equation into parts, but that is a pain when it gets complex.

 

Any help would be appreciated.

 

Thanks.

 

Link to comment
https://forums.phpfreaks.com/topic/168817-solved-conditions-in-database/
Share on other sites

Corrections FTW (for the win)!

 

<?php

// SQL query with CORRECT syntax
$sql = "SELECT * FROM TestTable";

$q = mysql_query($sql);
while ($f = mysql_fetch_array($q)) {
     // Correction array key as STRING
     if ($f['Condition']) {
          // The above condition will ONLY pass if $f['Condition'] expression > 0
          // So you need to know how PHP treats strings/ints/arrays/constants as test cases.
          echo 'Condition Passed';
     }
}

?>

That was just a quick example I put up to keep it very simple.  I need a way to store conditions.  Right now I do it in a database.  So for example, the first line has conditions attached:

 

$testvariable=="Some Text";$testvariable2=="Some Other Text"

 

That whole thing is in the database field and I explode ";" to separate into different conditions.  It is just true when you put it in the condition, like you mentioned above because it is making the whole thing:

 

if ('$testvariable=="Some Text"') {

 

Rather than what I am looking for it to do:

 

if ($testvariable=="Some Text") {

 

Do you have any ideas on the best way to accomplish this? 

 

You would need to use eval() in order to evaluate code that is contained in a string. However, one of the prime rules of good programming is the separation of code from data and putting code into a database generally shows that you are doing something the hard way. Using eval() is extremely insecure because all a hacker would need to do is to get his code into your database and he could take over your site when that code is processed through eval(). What exactly are you trying to accomplish by putting conditional tests/code in a database that you could not accomplish by using variables and properly written logic?

Thank you, that was what I was looking for.  What I am doing is creating customizable conditional statements for websites to be able to choose a field from a drop down, what operation (==, >, >=, etc) in a drop down and a value.  I am setting it up to be secure to not allow injections, etc.  I also need to be able to make specific conditions manually.  It is all reading into a file on a server that displays certain content depending on the persons database.  Not sure if I am explaining very well, but don't know how to really explain it much better.

look

<?php
$test = '$testvariable=="Some Text"';
$testvariable="Some Text";
eval('$xxx = '.$test.';');
if ($xxx) echo 'pass'; else echo 'no';
echo "<hr />\n";
$testvariable="Other Text";
eval('$xxx = '.$test.';');
if ($xxx) echo 'pass'; else echo 'no';
?>

I would still like to point out that your database design is the prime fault here. You shouldn't be having to use eval() to process this information.

You should have a normalised schema where you have a table containing key=>value tuples.

e.g.

Settings table
==========================
id | key          | value
1  | testvariable  | some text
1  | testvariable2 | some more text

 

Where the ID field if a reference to a record in your primary table.

Thus you can do:

 

SELECT * 
FROM settings 
WHERE id = 1;

 

You can then place all these key=>values into an associative array.

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.