PHP STORED IN MYSQL

[ecabrera]

Ok so im creating and application that lets you add php code and run it.  the code is inserted in my MySQL db and when i retrieve it i use this

echo $runcode;

 

but it does not do the action for example if a person add this

<?php
echo "HELLO";
?>

 

when i retrieve it from the db it loooks like this

 

$runcode = stripslashes($rows['code']);

 

and then i do this

 

echo $runcode;

 

but when i look at my website it does not run it it to prints out anything

[PFMaBiSmAd]

Databases are for storing data (kind of why they are named what they are.) Code is not data.

 

Why do you want to store php code in a database and then run that php code, given that this would be like giving a hacker an invitation to take over your web site.

[ecabrera]

the application is kinda like w3school's Try it Yourself funtion

[kicken]

the application is kinda like w3school's Try it Yourself funtion

 

You need to either use eval() to run the code, or write it out to a temporary file and then include() that file.  The later is probably the easiest.

 

Note that running arbitrary code is dangerous.  Someone with bad intentions would mess up your site pretty good if you just let them run whatever code they want.  If your trying to do this for your own personal use, you'd probably be better off installing a local server using a package like xampp or wamp.  If your trying to setup some kind of site to let users run code (like for tutorials or whatever) you need to  take a lot of precautions on how you setup the server to prevent people from damaging stuff.

 

 

[ecabrera]

thanks