0

I have this code:

<!DOCTYPE html>
<html>
    <?php require_once('./module/mod_head.php'); ?>
<body>
    <?php require_once('./core/imp/navbar.inc.php'); ?>

    <div class="container" style="margin-bottom: 50px;">
        <?php include('./module/mod_preview.php'); ?>
    </div>

    <div class="container-fluid">
        <?php include_once('./module/mod_block_whoami.php') ?>

        <div class="collapse" id="summaryId">
            <?php include_once('./module/mod_block_summary.php'); ?>
        </div>
    </div>

    <?php require_once('./core/imp/footer.inc.php'); ?>
</body>
</html>

Now this code is saved in a database.

The problem is I want that code to be used as it would be the only code in my index.php file.

But as I said before it is saved in a database and to get that code I need to use php and then the code will be saved in an php variable and echoing that would be like:

<?php echo "<html><?php echo "<morehtml>blablabla</morehtml>"; ?></html>"; ?>

I thought of creating a temporary file that gets overwritten whith the code and then included by the index.php file or whatever file needs to get code from the database.

However I don't know if that is a good idea or if there are any better ways to get php code from an MySQL database and using it.

Improve this question
5
  • 2
    question is: "why" would you want to do that? why don't you just output HTML as it's supposed to be, instead of using PHP inside PHP. What you're trying to do now, will error out. Then, you'll have to use additional functions when its not needed. Don't reinvent the wheel; many have tried and failed before you. PHP is PHP, HTML is HTML. Commented Nov 21, 2015 at 15:34
  • I want to be able to edit and save it on the website itself, rather than uploading the edited file to the server. This might not be the best example but I came across it and couldn't find a solution. So I just wanted to know if there is any way to do that Commented Nov 21, 2015 at 15:43
  • e.g. I had the code from above in my index.php, but someday I think: I won't need that "mod_block_whoami.php" to be on the page so I would just go to the page and login, delete it, save it. Instead of editing it with the terminal or uploading the edited file to the server. Commented Nov 21, 2015 at 16:15
  • Be careful with eval(). If you don't know it "cons", it may bite you back. Commented Nov 21, 2015 at 16:16
  • I'll probably try to find something else now Commented Nov 21, 2015 at 16:18

2 Answers 2

Reset to default
1

If you want to use php code from database, try eval (Evaluate a string as PHP code). 

$sting // your variable with the data from the DB
<?=eval('?>' . $sting . '<?') ?>

But this is dangerous, from documentation:

"The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand."

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Okay I'll find something else, nevertheless thanks for the help
1

PHP offers the eval($string) function. It runs the code in the string you pass it. So, it would be a simple matter to read code from a MySQL database and run it.

But, is this a good idea? Many people don't think so, because it makes it easy for a badguy to pwn your application.

Improve this answer

1 Comment

My sentiments exactly.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.