Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Use variable stored in mysql database

Posted on 2013-11-14
8
Medium Priority
?
302 Views
Last Modified: 2013-11-15
I'd like to store a variable inside a mysql database.  Then assign that variable a value after it's pulled from the database.

Here's a very basic example of how I'm storing the info in the database.

**********************
echo "name" . $var_lname; Thanks for registering for Momentum 2014. **********************

I can pull the text from the database, but $var_fname comes out as plain text and not the value assigned to the variable in the code.

Here's example code.

try {
	$get_email_text = new PDO("database information");
    foreach($get_email_text->query("Query here") as $row) {
		$var_email_text = $row['email_text'];
    }
    $get_email_text = null;
} catch (PDOException $e) {
    print "Error!";
    die();
}

$var_lname="Steve";
echo $var_email_text;

Open in new window


Instead of replacing the variable $var_lname with "Steve" I get the exact text that's in the database...

**********************
echo "name" . $var_lname; Thanks for registering for Momentum 2014.
**********************

Any ideas on how to tell PHP that $var_lname is a variable?

Thanks,

Steve
0
Comment
Question by:stkoontz
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39649565
This seems to be a templating issue.  Try this function:
http://php.net/manual/en/function.str-replace.php
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39649582
If you included $var_lname; in the text in the database, the answer is no, it is Not a PHP variable, it is just text.  Your code is doing exactly what it is supposed to do.

Variables must be in the PHP source code, not in the database.  When a PHP page is requested, the first thing that happens is the PHP interpreter "pre-compiles" the source code including the variables.  Since the database content is not part of that, it does not get "pre-compiled" into the program.  You can assign data fetched from the database into PHP variables that have already been defined.

Try this in place of line 13 to see what happens.

echo $var_lname.' '.$var_email_text;

Open in new window

0
 
LVL 45

Accepted Solution

by:
Chris Stanyon earned 2000 total points
ID: 39649724
You could potential store your own version of a variable in the database, and then when you pull out the record, do a str_replace or regex on it.

Another alternative, but probably less robust is to store it in a format that printf would understand. Store this:

%s, thanks for registering for Momentum 2014.

And then when you pull it out of the database, output it like this:

$var_lname="Steve";
printf($var_email_text, $var_lname);

Open in new window

Using the printf function will replace the %s with the value stored in $var_lname
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 2

Expert Comment

by:loki0609
ID: 39650502
What your looking for is the eval function.

http://www.php.net/manual/en/function.eval.php
0
 
LVL 45

Expert Comment

by:Chris Stanyon
ID: 39650620
@loki0609 - read the first line of that page:

The eval() language construct is very dangerous because it allows execution of arbitrary PHP code.

Storing PHP code in a database and then running eval() on it is a nightmare waiting to happen - Don't do it!!
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39650931
To quote Rasmus: If eval() is the answer, you're almost certainly asking the wrong question!
0
 
LVL 2

Author Closing Comment

by:stkoontz
ID: 39651190
Using %s in the database so printf understands it works great.  I tweaked it a bit and found sprintf to store the string into a variable so I can email it out.

$var_text=sprintf($var_email_text, $var_fname)

Thanks!

Steve
0
 
LVL 2

Expert Comment

by:loki0609
ID: 39651593
eval is completely fine to use in the right circumstances. If the input is controlled and trusted, like a database of "templates" that you created that don't have output from outside then it's fine. It's used quite a bit in templating systems
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This post contains step-by-step instructions for setting up alerting in Percona Monitoring and Management (PMM) using Grafana.
Recursive SQL is one of the most fascinating and powerful and yet dangerous feature offered in many modern databases today using a Common Table Expression (CTE) first introduced in the ANSI SQL 99 standard. The first implementations of CTE began ap…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question