How to make PHP file and HTML code better separate the use of--eval functions

Source: Internet
Author: User
Tags format eval functions php file php code string format variable types of functions
How a function makes PHP files better separated from HTML code
------The usage of the Eval function

As you all know, PHP is a server-side embedded HTML script programming language. But in embedded HTML,
Way to make a website, the code quickly becomes huge and uncontrollable. How do i make PHP code with HTML
Detach, make a similar dw of lib (template) and make the page easier to modify and easy to maintain the code?
Later, read a lot of articles, said phplib can be realized, conveniently read a few pages, feel dizzy brain up, suddenly did not see
The desire to go down (the prawn if you have this experience, please do not hesitate to enlighten, first thanked!). But the problem has to be solved.
After a few days of depression, a chance to download the source of VBB forum, Rough Read, found in addition to PHP
The HTML code is rarely seen outside of the file. Thinking this is not the style I want, see. Still Dizzy brain rise: (, the only
Harvest is to know it put HTML in the database, through the PHP file call, after a series of processing, with the Eval function
Bring the desired variable into the dynamic page that is required for the build. In this way, I did not look at the VBB source, but into the eval function.
The star Prodigal's PHP Chinese manual describes the eval function as follows:

Functions: eval ()

Miscellaneous Functions Library

Eval
Converts a value into a string.

Syntax: void eval (string code_str);

return value: None

Types of functions: Data processing


Content Description

This function can be used to substitute the value of a variable in a string, usually on the data that is being processed on the database. Parameter Code_str
For the string to be processed. It's important to note that the string to be processed matches the PHP string format, while at the end
Place to have a semicolon. The string that is processed using this function will go along to the end of the PHP program.

Usage examples

<?php
$string = ' Cup ';
$name = ' coffee ';
$str = ' This $string is fitted with $name .<br> ';
Echo $str;
Eval ("\ $str = \" $str \ ";");
Echo $str;
?>

The return value for this example is

$name is fitted in this $string.
This cup contains coffee.


There are no problems with the example test. However, when I tested the following code, there was an error:
?
$aa = ' My name is yyy! ';
$str = ' <input type= ' text "name=" TextField "value=" $aa ">";
Eval ("\ $str = \" $str \ ";");
Echo $str;
?>
Baffled, in the chainasp for help, in the user proposed a series of solutions
, and finally run successfully in this way:
?
$aa = ' My name is yyy! ';
$str = ' <input type= ' text "name=" TextField "value=" \ ' $aa \ ' ">";
Eval ("\ $str = \" $str \ ";");
Echo $str;
?>

However, when I inserted the $str into the table below and then extracted it again, it made a mistake.
He's dead.

Database Evaltest
# table structure ' envtest '

CREATE TABLE Envtest (
ID tinyint (4) not NULL auto_increment,
Sour Mediumtext,
PRIMARY KEY (ID),
UNIQUE ID (ID),
KEY id_2 (ID)
);

#表内容 ' Envtest '
INSERT into Envtest VALUES (' 1 ', ' <input type=\ ' text\ "name=\" textfield\ "value=\" $AA \ ">");

The PHP file is as follows:
?
$aa = ' My name is yyy! ';
$conn =mysql_connect (' localhost ', ' root ', ');
$sele = ' Select sour from envtest where id=1 ';
$res =mysql_db_query (' evaltest ', $sele);
$arra =mysql_fetch_array ($res);
$STR = $arra [' Sour '];
eval ("echo \" $str \ ";");
?>
Look at the sky Prodigal's PHP Chinese manual, found such a word: "The string to be processed to match the PHP string format", what is called
"PHP-compliant string format" (Who knows, trouble to tell)? I don't know, I can't find it, I have to look at string processing functions.
found that Htmlspecialchars () seemed to be available, and tried one:
?
$aa = ' My name is yyy! ';
$conn =mysql_connect (' localhost ', ' root ', ');
$sele = ' Select sour from envtest where id=1 ';
$res =mysql_db_query (' evaltest ', $sele);
$arra =mysql_fetch_array ($res);
$str =htmlspecialchars ($arra [' sour ']);
eval ("echo \" $str \ ";");
?>
However, it appears on the page that:
<input type= "text" name= "TextField" value= "My name is yyy!" >
The variable is brought into success and can be displayed as not conforming to the requirements. View file source, the contents are as follows:
<input type= "text" name= "TextField" value= "My &bsp name &bsp is yyy!" >
Then look at the use of the Htmlspecialchars () of the manual, and find that the function does the following for the string:
& (and) Convert to &
"(double quotes) into"
< (less than) turn into <
> (greater than) convert to >
And then find, did not find the function of the opposite functions, so, I added a few lines of code, and then debug as follows, and finally succeeded.
<?php
function dehtml ($STR) {
$str =str_replace (' "', '" ", $str);
$str =str_replace (' < ', ' < ', $str);
$str =str_replace (' > ', ' > ', $str);
$str =str_replace (' & ', ' & ', $str);
return $str;
}
$aa = ' My name is yyy! ';
$conn =mysql_connect (' localhost ', ' root ', ');
$sele = ' Select sour from envtest where id=1 ';
$res =mysql_db_query (' evaltest ', $sele);
$arra =mysql_fetch_array ($res);
$str =htmlspecialchars ($arra [' sour ']);
Eval ("Echo dehtml (\ $str \);");
?>
After this code was successfully debugged, I added a variable to the Evaltest table with the source code of a complex HTML page.
Again the test, also succeeded.
In the Eval function usage, "the strings to be processed are formatted with PHP," I think.
Htmlspecialchars () function of the string bar, I do not know whether the right or not, to be treatise The Fang Jia.

The above methods please users test, if you find anything wrong or better than this solution, please tell me, my mail
The address is: chensiping@263.net




Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.