eval() help

[asgsoft]

Hi

 

I need help with the eval() function.

 

I have code (mixture of PHP and MySQL) stored in a database as shown below.

 

 

I am trying to use eval() like this:

 

eval("\$get_tool_info['top']");
echo $tool_top;

to get the code to be processed.

 

What do you advice me to do becuase at the moment it doesn't do that. It just prints the writing.

[asgsoft]

anyone can offer me help?

[drewbee]

Eval is a very interesting little thing. It parses strings as php, and while you have a string, it is not valid php code.

 

if you want to set variables inside of eval:

 

eval("\$var = \"Set value!\";");

 

so when displaying data pulled from a database row...

 

eval("echo \"{\$row['main']}\";");

 

 

Let me know how that works for you.

[asgsoft]

but what if the actual database entry has variables?

 

because doing what you said is still not working

[redarrow]

We are programmers and entering php code in a database is not a good idear even theo u can use eval to extract the information the function eval has many hidden bad drawbacks in php.

 

the idear of php programming is to create the code bare or function's or oop and use a database to enter information

via a form.

 

if the programming page needs to be hidden use a encripted application to hide the code not a database.

[lur]

$code = 'var_dump(phpversion());';
eval($code); // works

$code = '<?php var_dump(phpversion()); ?>';
eval($code); // Parse error: syntax error, unexpected '<' in filename on line

function reval($str) {
file_put_contents($file = tempnam('./', 'rev'), $str);
require $file;
unlink($file);
}

reval($code); // works

[asgsoft]

What I am trying to do is a template version of my site that is easier to edit. So I thought that if I have all the pages as a database entery it would work. However it doesn't seem that way.

 

What do you suggest I try now?

 

use a .tpl with databases to call the specific files?

 

Any advice would be great.

 

Thanks

[drewbee]

Personally, I have a object that I use for templating. Something kinda like this. As well, in the templating I also use throwError and throwWarning.

 

Throw warning is used to report back to the user any information that they entered incorrectly, or if they did something wrong (it will display the warning, then the original page that is to be displayed). So if a user enters a field into a form wrong, a warning is thrown.

 

ThrowError is a little more rough. It outputs an error message within the template, and after that removes any possibility of anything else running. It just displays the error then die();

 

I also have a drawForm function. I keep all my forms in a seperate html file. DrawForm then references and includes that html file. I separate all the HTML from the logic.

 

I'll show you my code for my registration page. This code below complete draws the forms, validates, and processes.

 

 

Even on the intial construction of the object, i pass to it whether a person needs to be logged in to view the page or not.

<?php
// UseDBConnection yes/no, LoginRequired yes/no, Session Initialization on/off
$page = new Page(true, false, true);

$page->Title = 'Site Title';
$page->SubTitle = 'Site Sub Title';
$page->InnerTitle = 'Current Page Title';

// Draw the opening to "content" true/false
$page->drawHeader(false);

// One thing I don't have yet is that the object checks to see if you are logged in or not logged in, though it will
// only kick the person out if log in is required and they are not logged in. It does not currently kick them out if they are
// required NOT to be logged in. Same idea, just backwards and my own laziness... this would come into effect on screens such as
// logging in or registration (shouldn't access these pages if you are already logged in)
// 
if ($account->ID)
{
        
$page->throwError('You are already currently logged in');
}
else
{
// Class Register Extends Page
require($_SERVER['DOCUMENT_ROOT'] . "/includes/classes/register.class.php");

$register = new Register();

if ($register->isPostBack)
{
	$register->Validate();

	if (count($register->ERRORS) > 0)
	{

		$register->throwWarning("Please Check your form for the following errors", $register->ERRORS);
		$register->drawForm('register');		
	}
	else
	{
		$register->Process($page->color);
		echo 'Thank you. Your account has been sucesfully created, though it is not active. In order to activate your account, check your email address at <b>'.htmlspecialchars($_POST['Email']).'</b>. In this email, you will receive a password that you can use to log in to the system. Did you enter an invalid password? Hit the back button and register with the correct one.';
	}

}
else
{
	$register->drawForm('register');
}
}
$page->drawFooter();
?>

 

I know this may seem a bit random, but objects are a great way to handle templating

[keeB]

Hey drew...

 

If throwError call's a die(), why do you have it all in a if-else block?

 

I'm speaking about this part:

 

if ($account->ID)
{
        
$page->throwError('You are already currently logged in');
}
else
{
   .
   .

 

Just wondering, I just hate IF's

 

Love the template idea though

[rameshfaj]

<?php

$string = 'cup';

$name = 'coffee';

$str = 'This is a $string with my $name in it.';

echo $str. "\n";

eval("\$str = \"$str\";");

echo $str. "\n";

?>

 

the output is:

 

This is a $string with my $name in it.

This is a cup with my coffee in it.

 

So u should decide whether ur deed is as ur need or not.The eval function only evaluates the expression.

[asgsoft]

Where is the best place to start learning about objects?

 

also whats your view on using tpl files as mentioned in my previous post?

[drewbee]

Hey drew...

 

If throwError call's a die(), why do you have it all in a if-else block?

 

I'm speaking about this part:

 

if ($account->ID)
{
        
$page->throwError('You are already currently logged in');
}
else
{
   .
   .

 

Just wondering, I just hate IF's

 

Love the template idea though

 

It was a sort of "workaround" that I had to do. I wanted the errors to still display within the template., however if i ran throwError without a die, it would continue to display the footer as well. In this exact example, the error is only thrown if a user is currently logged in, and they should not be on the page. (IE Registration or login page). In my throwError function it checks and sees if the header is drawn already. If it isn't, draw it, if it is just leave it. It then displays the error box, then displays the footer (by this time their is no possibility of the footer being drawn, so throwError has to do it). Then at the end of throwError die() is called to prevent the original footerDraw call being made, and more specifically any additional code that would execute).

 

It isn't like your usual try/catch situation. I have to initiate throwError.

I hope this answers your question.

 

I am a little confused about what you mean by IF's? Aren't these kinda essential???

 

Where is the best place to start learning about objects?

Objects are a fun little thing. PHP freaks has a few really good tutorials on them. Just search the tutorials DB for "OOP" or "object"

 

also whats your view on using tpl files as mentioned in my previous post?

I have no problem with them. I have used several applications that have sucesfully used them. With my template the drawForm function is basically doing exactly what the tpl files are used for, except I only use them with forms and they are php files instead.

[keeB]

I suppose I should have said...

 

Infinite (or very long) else blocks are a peeve of mine.

 

A guy I work with... man he LOVES his IF statements.

[drewbee]

Haha, Yeah. These are the only cases to which i would do that, and I guess it doesn't even have to be within the else block. I just happen to do the else for structuring. It would work exactly the same though if the else wasn't their.