|
|
Posted by "Richard Lynch" on 10/31/05 07:56
On Sun, October 30, 2005 8:51 pm, John Taylor-Johnston wrote:
> eval( " ?> $contents <?php " );
>
>>However, if eval() is the answer, you're probably asking the wrong
>>question. You should take a hard look at your code and think of a
>> better
>>way to do what you need to do.
>>
>>
> Back to the drawing board? It is either store my html+embedded code in
> a
> mysql record, or in an html file, which means playing with fopen. It's
> easier to hand tweak in phpmyadmin.
> Nonetheless, even though your test code worked (thanks!) this doesn't.
> Sigh.
>
> if ($contents = displaynew()){
echo "CONTENTS:<pre>", htmlentities($contents), "</pre>\n";
eval( " ?> $contents <?php " );
}
I'm guessing $contents ain't what you think.
>
> function displaynew()
> {
> $file = basename($_SERVER['PHP_SELF']);
> require 'connect.inc';
> $sql = "SELECT HTML FROM `$db`.`$table_editor` WHERE `Filename`
> LIKE
> '".addslashes($file)."' LIMIT 1;";
> if ($myquery = mysql_query($sql) and mysql_num_rows($myquery) > 0)
This 'and' should probably be '&&' ...
Though I never really used 'and' enough to know for sure.
At any rate, you've got *NO* error-checking for an invalid query here.
> {
> $mydata = mysql_fetch_array($myquery, MYSQL_NUM);
> return $mydata[0];
> }
> return false;
> }
--
Like Music?
http://l-i-e.com/artists.htm
Navigation:
[Reply to this message]
|