How to make PHP files better separated from HTML code

As you all know, PHP is a server-side embedded HTML script programming language. But by embedding HTML as a Web site, the code quickly becomes large and uncontrollable. How can i separate the PHP code from the HTML and make a Lib (template) similar to the DW to make the pages easier to modify and easier to maintain the code?

Later, read a lot of articles, said phplib can be realized, conveniently looked at a few pages, feel dizzy brain up, suddenly did not look down the desire. But the problem has to be solved, in a chance, to download the source of VBB forum, Rough Read, found in addition to PHP files, rarely see HTML code. Thought this is not the style that I want, the only harvest is to know it put HTML in the database, through the PHP file call, after a series of processing, with the Eval function to bring the desired variables into the generated dynamic pages needed. In this way, I did not look at the VBB source, but into the eval function. The PHP Chinese manual describes the eval function as follows:

Functions: eval ()

Miscellaneous Functions Library

Eval

Converts a value into a string.

Syntax: void eval (string code_str);

return value: None

Types of functions: Data processing

Content Description

This function can be used to substitute the value of a variable in a string, usually on the data that is being processed on the database. Parameter code_str is a string to be processed. It is important to note that the string to be processed conforms to the PHP string format and has a semicolon at the end. The string that is processed using this function will go along to the end of the PHP program.

Usage examples

The following are the referenced contents: <?php $string = ' Cup '; $name = ' coffee '; $str = ' This $string is fitted with $name .<br> '; Echo $str; Eval ("\ $str = \" $str \ ";"); Echo $str; ?>

The return value for this example is

$name is fitted in this $string.

This cup contains coffee.

The example test does not have any problems. However, when I test the following code, there is an error:

The following are the referenced contents: ? $aa = ' My name is yyy! '; $str = ' <input type= ' text "name=" TextField "value=" $aa ">"; Eval ("\ $str = \" $str \ ";"); Echo $str; ?>

Baffled, call for help, in the user proposed a series of solutions, finally in this way to run successfully:

The following are the referenced contents: ? $aa = ' My name is yyy! '; $str = ' <input type= ' text "name=" TextField "value=" \ ' $aa \ ' ">"; Eval ("\ $str = \" $str \ ";"); Echo $str; ?>

However, when I inserted the $STR into the following table and then extracted it again, there was a mistake.

Database Evaltest

# table structure ' envtest '

The following are the referenced contents: CREATE TABLE Envtest ( ID tinyint (4) not NULL auto_increment, Sour Mediumtext, PRIMARY KEY (ID), UNIQUE ID (ID), KEY id_2 (ID) );

#表内容 ' Envtest '

The following are the referenced contents: INSERT into Envtest VALUES (' 1 ', ' <input type=\ ' text\ "name=\" textfield\ "value=\" $AA \ ">");

The PHP file is as follows:

The following are the referenced contents: ? $aa = ' My name is yyy! '; $conn =mysql_connect (' localhost ', ' root ', '); $sele = ' Select sour from envtest where id=1 '; $res =mysql_db_query (' evaltest ', $sele); $arra =mysql_fetch_array ($res); $STR = $arra [' Sour ']; eval ("echo \" $str \ ";"); ?>

Then look at the PHP Chinese manual, found such a word: "To be processed strings to match the PHP string format", what is called "in line with PHP string format" (Who knows, trouble to tell). I do not know, also can not find, had to look at the string processing function. found that Htmlspecialchars () seemed to be available, and tried one:

The following are the referenced contents: ? $aa = ' My name is yyy! '; $conn =mysql_connect (' localhost ', ' root ', '); $sele = ' Select sour from envtest where id=1 '; $res =mysql_db_query (' evaltest ', $sele); $arra =mysql_fetch_array ($res); $str =htmlspecialchars ($arra [' sour ']); eval ("echo \" $str \ ";"); ?>

However, it appears on the page that:

The following are the referenced contents: <input type= "text" name= "TextField" value= "My name is yyy!" >

The variable is brought into success and can be displayed as not conforming to the requirements. View file source, the contents are as follows:

The following are the referenced contents: <input type= "text" name= "TextField" value= "My &bsp name &bsp is yyy!" >

Then look at the use of the Htmlspecialchars () of the manual, and find that the function does the following for the string:

& (and) Convert to &
"(double quotes) into"
< (less than) turn into <
> (greater than) convert to >

And then find, did not find the function of the opposite functions, so, I added a few lines of code, and then debug as follows, and finally succeeded.

The following are the referenced contents: <?php function dehtml ($STR) { $str =str_replace (' "', '" ", $str); $str =str_replace (' < ', ' < ', $str); $str =str_replace (' > ', ' > ', $str); $str =str_replace (' & ', ' & ', $str); return $str; } $aa = ' My name is yyy! '; $conn =mysql_connect (' localhost ', ' root ', '); $sele = ' Select sour from envtest where id=1 '; $res =mysql_db_query (' evaltest ', $sele); $arra =mysql_fetch_array ($res); $str =htmlspecialchars ($arra [' sour ']); Eval ("Echo dehtml (\ $str \);"); ?>

After the successful debugging of this code, I added a variable source of HTML page to the Evaltest table and then tested it again.

In the Eval function usage, "to be processed strings to match the PHP string format", I think it is through the htmlspecialchars () function of the string bar, I do not know whether the right or not, to be the Fang Jia treatise.

The above method asks everybody Netizen test, if discover to have what mistake or have better solution than this, please tell me a sound.