1

I'm attempting to return a string of html with an some php code within the html and I'm experiencing a bit of difficulty doing so. Example below:

return '//bunch of html here
<div id="test">
 <?php 
   if (isset($_COOKIE[\"cannycookie\"]))
   {
      echo "<a class=\"reply\" href=\"#\" id=\"deletelink-'.$d['id'].'\">Delete</a>";
   }
 ?>
</div>';

The html before this all returns perfectly, but when it gets to the ">Delete</a>";}?> something crashes and burns. The html renders in the browser like so: Delete\n"; } ?> with the whole php source being exposed. I've tried reading up other posts and information on quotes in statements as such, and I've tried as much as I can, yet to no avail. Any ideers? Thanks!

Improve this question
2
  • As relet states, PHP code is server side, you cannot return PHP code in a string like that and expect it to do anything if you echo out the return value. Commented Jul 29, 2010 at 18:53
  • Building PHP with PHP? OK, most likely error: $d['id'] has a '?>' in it. Commented Jul 29, 2010 at 18:53

3 Answers 3

Reset to default
2

php inside php is strange, try this:

if (isset($_COOKIE["cannycookie"]))
{
    return '<div id="test">
              <a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>
            </div>';
}
else
{
    return '<div id="test"></div>';
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

The thing is, I'm calling the function in a different php file that returns this html code (specifically user comments) and when the correct user is logged in, it adds the delete button. Not sure what to do.
1

Do not return like that for sanity purposes, instead:

$myReturnStatement = htmlentities('whatever you wanted');
return $myReturnStatement;

On the receiving end, you strip slashes and decode the entities back into legitimate PHP code. Also, if I understand my quotes correctly, you can have double quotes inside of single quotes without having to slash them out. This should save you headache. Once the code is decoded into normal PHP code, just use eval() to evaluate as PHP.

https://www.php.net/manual/en/function.stripslashes.php
http://php.net/manual/en/function.htmlentities.php
http://www.php.net/manual/en/function.html-entity-decode.php
http://php.net/manual/en/function.eval.php

Improve this answer

2 Comments

Just tried this, it seems to just be rendering all the html source visibly on the page.
You'll have to decode the entities and then use eval(). php.net/manual/en/function.eval.php
0

Don't return PHP. It won't work, and even if it did, using eval() et al is considered to be harmful (and a serious security issue) except in very specific circumstances.

Try this:

<?php

$retval = '<div id="test"> <!-- whatever you need here -->';
if (isset($_COOKIE["cannycookie"]))
{
  $retval .= '<a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>';
}

return $retval;

?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.