>  Everything is working great except the fact that when
> I put some php code into the 'text' field, in order to run
> en extra sql command in the page, it hangs and just
> prints the code as if it was just text.

(shrug) so far as the database is concerned, it *is* just
text.  If you want returned code evaluated, you will
have to explicitly evaluate it.

Possible approaches:

1.  Search for php code in your content: split the
string appropriately and evaluate as needed.
I would avoid this because it's a lot of extra work,
and because it's quite possible to write 'interleaved'
PHP code that requires several blocks working
together; evaluating a single block at a time will
just get you errors.

2.  Evaluate all your content.
You would have to be very careful about
letting people contribute content, and it might
be a bit slower; but it's very very simple.

3.  Have markers in your content, referring to
PHP code from another table.
Would be a bit slower (have to do multiple
queries to retrieve code as needed), but more
secure - people can safely contribute to the
HTML content table, you can let them
reference standardized PHP fragments.

4.  Half-way between #2 and #3: add a
flag field to your database table, if the flag
is set the content must be evaluated, otherwise
it is plain HTML and can just be echoed.
People can contribute content, but the flag
stays off until you double-check any PHP
code for safety.

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to