i was developing an application that will read in the content of a html
file. and within this html file contains php variables which will be
replaced using the eval() function with its required value. and within
this html, i want to be able to run php functions. however, due to the
fact that characters need to be escaped so that eval() can process it, i
have to make use of addslashes() to escape all " that are embedded in
the html file.
with the " escaped, eval() will be able to work and evaluate the php
variable and instead of:
eval("\$rs = \"<span class="normal">$phpVar</span>\";"); (won't work)
it will now be:
eval("\$rs = \"<span class=\"normal\">$phpVar</span>\";"); (work)
and to call a date() function on the above text, this format will work:
eval("\$rs = \"<span class=\"normal\">".date("m d y")."$phpVar</span>\";");
since the text that is passed into eval() came from a html/php/inc
(whatever you name it) file, there is no way you will know that a
particular text is in fact a php function.
so i thought of prefixing and suffixing php function with [::date("m d
y")::] and it will be helpful in the sense that the application will
know that oh, this is a php function, i need to ". ." it so that eval
will not throw me an error.
with that, now the html file's content will be something like:
<span class="normal">[::date("m d y",$phpVar)::]</span>
after using addslashes(), it will be:
<span class=\"normal\">[::date(\"m d y\",$phpVar)::]</span>
for the above text, in order for eval() to parse correctly, it has to be
in this format:
eval("\$rs = \"<span class=\"normal\">".date("m d y",$phpVar)."</span>\";")
and there is always a chance that the html text could contain more than
1 block of [:: phpfunction ::]
thats why i came up with that piece of code to convert the text to a
string that eval will be able to understand. and at the end of it, i
will be echoing $rs to display the final result.
you probably will wonder why dont i use include() and require()? that
way, php will be handling all the above without requiring additional
work. however, due to the way the result has to be handled, i couldn't
use include nor require.
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php