3

I want to store php code inside my database and then use it into my script.

class A {
    public function getName() {
        return "lux";
    }
}
// instantiates a new A
$a = new A();

Inside my database there is data like 

"hello {$a->getName()}, how are you ?"

In my php code I load the data into a variable $string

$string = load_data_from_db();
echo $string; // echoes hello {$a->getName()}, how are you ?

So now $string contains "hello {$a->getName()}, how are you ?"

{$a->getName()} still being un-interpretated

Question: I can't find how to write the rest of the code so that {$a->getName()} gets interpretated "into hello lux, how are you". Can someone help ?

$new_string = ??????
echo $new_string; //echoes hello lux, how are you ?

Is there a solution with eval() ? (please no debate about evil eval ;)) Or any other solution ?

Improve this question
7
  • 3
    Not sure why you would do this, seems like bad practice/coding Commented Jun 14, 2010 at 14:04
  • 2
    Agreed, a hideous and inefficient practice. Commented Jun 14, 2010 at 14:07
  • 1
    I don't think its as bad as you people seem to believe. Looks like the data he is expanding is just an email template or something similar. There are better ways to do it perhaps but griping about it isn't very pragmatic. anyhow oezi's answer seems to be practical and correct enough. Commented Jun 14, 2010 at 14:20
  • This is not bad practice at all, but if you've got a better solution, tell me and I'll use it :) I want to inject anything from my execution environment into "code templates" stored in a database. this was the real question but I hoped I'll get a simplier anwser from a simplier question:o) Thx Kris, you're right oezi's solution fits my needs And thank you all for the very fast answers Commented Jun 14, 2010 at 14:40
  • 1
    Could you explain a little more as to way you are coding the data and passing the code? just curious??? Commented Jun 14, 2010 at 14:47

4 Answers 4

Reset to default
3

take a look at eval() - this is what you are looking for (but i agree with phill, this sounds like bad practice)

EDIT: just seen that you know eval - so why don't you do this:

eval('$string = "'.load_data_from_db().'";');

(haven't tested this, but i'm almost sure it works)

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Because hum... I was making a typo and couldn't get it working :p Thank you very much :)
3

Seems like you are trying to do something like multilanguage strings.

There is a one nifty approach using sprintf

Inside DB you put 

"hello %s, how are you ?"

and in your php code you do 

$string = load_data_from_db();
echo sprintf($string,$a->getName()); // replaces %s with the function value.

the changing part ($a->getName()) should come from database too but with separate query (maybe in class A)

Improve this answer

1 Comment

Thanks for your solution. It works in the example I gave but in my real case it doesn't because I've got unknown placeholders in an unknown order. I should have been more precise. The solution shoud be completely dynamic and inject anything from my current execution environment
0

you could save it to a temporary file like temp.file and then do an include('temp.file');

Improve this answer

2 Comments

This can work too, thank you. In my case oezi solution is more adapted
welcome, I'm not going to argue against eval in a secure enviroment, but I will look for and suggest non-eval options.
0

A database is used to store data NOT code. You should make your code dynamic to read data from the database/user input but storing code in a database is not recommended.

Why not store the value "lux" in a database table.

Try it this way:

class A {
    private $name;

    public function getName() {
        return $this->name;
    }

    public function setName($name) {
        $this->name = $name;
    }
}
// Query DB
// Don't know your query so just using what you have
$passed_name = load_data_from_db(); // This would return "lux"

// instantiates a new A
$a = new A();
$a->setName($passed_name);
echo "hello ".$a->getName().", how are you ?<br />\n";
Improve this answer

3 Comments

Thank you. In fact in my case php code IS data so I've got to store it inside my database. It needs to be dynamic so I can inject inside this "code template" any data from my php execution environment.
hmm if the data is CODE, then why do you need to execute it?
Phill, I just have answered you on the main comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.