?
Solved

execute php code contained in a mysql database

Posted on 2005-05-05
12
Medium Priority
?
293 Views
Last Modified: 2008-03-06
Is it possible for me to execute php code contained in a mysql db from another script?

For instance, if i store the code include("test/test.php"); in a mysql database, can i then use a script to pull the data from the database and execute that code?

thanks.
0
Comment
Question by:linuxrox
  • 2
  • 2
  • 2
  • +4
12 Comments
 
LVL 33

Expert Comment

by:snoyes_jw
ID: 13939795
Yes.  Check out the eval() function.
http://www.php.net/manual/en/function.eval.php
0
 
LVL 4

Expert Comment

by:punkstar
ID: 13940095
yes, as snoyes said, use the eval function.

1.) You need to create the mysql connection with mysql_connect();
2.) Write your SQL and query the database with mysql_query();
3.) Parse your result with the eval(); function.

for example.

<?php
$connect = mysql_connect("server,"username","password");
mysql_select_db("mydatabase",$connect);

$sql = "SELECT * FROM `invcludes_table` WHERE `id` = "'.$_GET['id']."' LIMIT 1";
$dosql = mysql_query($sql,$connect);
$return = mysql_fetch_array($dosql);

eval($return['php_code']);
?>

...should work.  the security in that script is terrible, so dont use it.

Hope that answers your question!
0
 
LVL 20

Expert Comment

by:virmaior
ID: 13940138
of course a good caveat is that this is a rather slow way of executing code... (at least it has proven to be so on Windows XP, can't answer for other PHP setups).

the main reason for this penalty is that the "compiler" can't do anything to your eval'd code.
avoid this function if it all possible.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:linuxrox
ID: 13940139
ahh, good deal.  why is the security bad in that script?
0
 
LVL 7

Expert Comment

by:Promethyl
ID: 13940211
Just store the filenames in the database, and include them in your script using require() or include().
0
 
LVL 20

Expert Comment

by:virmaior
ID: 13940229
because it is working directly from a $_GET variable and doesn't check for any rights, etc.
0
 

Author Comment

by:linuxrox
ID: 13940232
well, what i have is this.  i have an html editor with a template.  this template has a set of comments such as <!--insertcode--><!--endcode-->
the script finds those comments and based upon what the comments are it needs to store some php code in the database to be executed later when pulled from another script.  the idea is having different dynamic content based upon which html comments are found.  i have one main script that pulls data from the database and displays stories etc etc.  i would like it to find the code in the database and execute it.
0
 
LVL 7

Expert Comment

by:Promethyl
ID: 13941381
Ah.

Eval() is your man then.
0
 
LVL 7

Accepted Solution

by:
jdpipe earned 2000 total points
ID: 13941803
I think it would be quicker to use a template engine like Smarty, rather than this bespoke thing.
http://smarty.php.net

It will take you a couple of hours to work out how to use it, but after that you'll be cooking with gas

JP
0
 
LVL 5

Expert Comment

by:dougday
ID: 13944617
I agree with JD.  If you're heading in that kind of direction Smarty is a much much better solution.  And you can still use your database to store your templates.
-Doug
0
 
LVL 5

Expert Comment

by:dougday
ID: 13944621
Er, JP I mean ;)
0
 
LVL 7

Expert Comment

by:jdpipe
ID: 13944683
Yeah, storing PHP code in your database would be generally considered to be very poor design.
The idea of your database is that it should contain all the stuff that's NOT the code of your site. User details, page TEXT, navigation hierarchy, etc, but not the code that determines how those things are presented.
JP
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses
Course of the Month13 days, 18 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question