eval() to run a dynamic sprintf() query

Posted on 2003-11-16
Last Modified: 2011-10-03

I'm working on some code that I want to make portable across various pages within the site I'm working on. Most of the code is placed inside 'include' files and specific variables are set on each page to activate sections of the code. This is working fine except for a line of code that is supposed to set up a query via an eval() function. The code I have is as follows:

// Code in page
$fillCheckBoxQry = "sprintf(\"SELECT unit_id FROM user_resident WHERE user_id = %s GROUP BY unit_id ORDER BY unit_id ASC\", $treeUser);";
// $treeUser is generated within the include files.
// Portion of code within include file
// $database_gatekeeper, $gatekeeper are database connection parameters
function fillCheckBox() {
// Write javascript function contents to fill checkboxes
      global $database_gatekeeper, $gatekeeper, $fillCheckBoxQry, $treeUser;
      mysql_select_db($database_gatekeeper, $gatekeeper);
      $query_rsCheckBox = eval($fillCheckBoxQry); // *** This is where the problem is!
      $rsCheckBox = mysql_query($query_rsCheckBox, $gatekeeper) or die(mysql_error());
      $row_rsCheckBox = mysql_fetch_assoc($rsCheckBox);
      $totalRows_rsCheckBox = mysql_num_rows($rsCheckBox);

      $strVars = "";
      do {
            $strVars .= $row_rsCheckBox['unit_id'].", ";
      } while ($row_rsCheckBox = mysql_fetch_assoc($rsCheckBox));
      if ($strVars) {
            echo "      strVars = new Array(".substr($strVars,0,-2).")\n";
      } else {
            echo "      strVars = new Array()\n";
} // end fillCheckBox()

The above doesn't execute the sprintf() function. Can anyone point me in the right direction?
Question by:Das246
  • 3
  • 3
LVL 13

Expert Comment

ID: 9761083

you're not actually executing the function, merely storing it as a string inside the variable.. you need this to have the function run:

$fillCheckBoxQry = sprintf("SELECT unit_id FROM user_resident WHERE user_id = '%s' GROUP BY unit_id ORDER BY unit_id ASC", $treeUser);

i've added quotes around the %s as well, since you'll need this if $treeUser is a string to be found in the database, otherwise MySQL will think it's a column name


Author Comment

ID: 9761346
Sorry, still doesn't work.
$treeUser is another dynamic variable that is calculated while the page loads so if I perform the sprintf() too early there is no $treeUser var.

I really need to be able to store the dynamic 'SELECT' statement until all the variables are in place, then execute it.

thanks Das246

Author Comment

ID: 9761568
I got around the problem by creating a function before the include file...

function queryMaker($where) { // Create query for checkboxes
      return "SELECT unit_id FROM user_resident WHERE user_id = '".$where."' GROUP BY unit_id ORDER BY unit_id ASC";

The include file then calls the function...

$query_rsCheckBox = queryMaker($treeUser);

If eval() can do the same I would still like to know.


Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

LVL 13

Accepted Solution

lozloz earned 30 total points
ID: 9762970

sorry i didn't read the whole thing, silly me. eval only takes the code and runs it, it doesn't return the value of it unless you specify a return statement inside the evaluated code. so you need something like this:

$fillCheckBoxQry = "\$query_rsCheckBox = sprintf(\"SELECT unit_id FROM user_resident WHERE user_id = %s GROUP BY unit_id ORDER BY unit_id ASC\", $treeUser);";



Author Comment

ID: 9766564
Thanks loz,

That works great.
So does eval() have to be a complete line of code? Is there a way of combining an eval statement with a variable such as:

$var = eval($str_code);

You mentioned a return statement as another possible solution from within the eval()


LVL 13

Expert Comment

ID: 9766652
if you wanted i suppose you could try $fillCheckBoxQry = "sprintf(\"SELECT unit_id FROM user_resident WHERE user_id = %s GROUP BY unit_id ORDER BY unit_id ASC\", $treeUser); return $fillCheckBoxQry;";

i think that'd work


Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Testing a string condition in PHP 6 22
php construct 5 26
MySql and Apache/PHP Error Reporting 2 28
how to use 2 SELECT statements with prepared statements 19 30
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses four methods for overlaying images in a container on a web page
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question