Storing php code in a database

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
webpoet
Forum Newbie
Posts: 6
Joined: Sat Aug 31, 2002 10:05 am
Contact:

Storing php code in a database

Post by webpoet »

I´m trying to build my own little content management system and I want to be able to add modules to it. The simplest would of course be to store modules in separate files for inclusion, but if it would be possible to store the php code in a MySQL DB for later execution it would work wonders for me. Is it possible to do so and in some way keep linebreaks and such intact ?

Thanx in advance for any ideas.
User avatar
gotDNS
Forum Contributor
Posts: 217
Joined: Tue May 07, 2002 5:53 pm
Location: West Chester, PA

Post by gotDNS »

you can store any PHP you want in there...all the way up to the opwning and closing PHP tags. You can have linebreaks as well (\n)...go ahead, and good luck to you.

later on, -Brian
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

The other bit to keep in mind is the eval function which you'll need to use to execute the stored code.
webpoet
Forum Newbie
Posts: 6
Joined: Sat Aug 31, 2002 10:05 am
Contact:

Post by webpoet »

Can someone please give me a short example ? I´ve tried to use \n but can´t get it to work. Also, how do you get around the usage of " ?
I mean if my code contains for instance sql queries that need to be in between "" I can´t declare the code as a variable before storing it right ?
User avatar
gotDNS
Forum Contributor
Posts: 217
Joined: Tue May 07, 2002 5:53 pm
Location: West Chester, PA

Post by gotDNS »

I dont use \n, actually, hehe. It works for me jsut y doing:

Code: Select all

$bla = "hey

new lines!";
I dont know if that is SUPPOSED to work, but it doe for me, and then i'd just put $bla into the DB. As for the usage of " inside of other double quotes, make them sing quotes (')...you could do a replace function thingy to make " = '....or jsut make them single quotes in the first place...than shove it into ur happy DB.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

take a look at the mysql_real_escape_string and mysql_escape_string manual pages
User avatar
BDKR
DevNet Resident
Posts: 1207
Joined: Sat Jun 08, 2002 1:24 pm
Location: Florida
Contact:

Post by BDKR »

You want to be careful with the idea of storing code in a database. It does work, but there are security issues. That's the reason the eval function is needed.

Also, what if the db crashes or the host drops the ball and turns it off or some other stupid manuever? I feel it's best to keep code out of the db's for this very reason.

One more thing to consider is the experience of others. Slashdot.org learned some big lessons on 9/11 of last year. Their site took HUGE amounts of traffic :!: They had to work like dogs to keep the system up! One thing they've changed since is to keep as much static information as possible OUT of the databases. That also includes code. Only go back to the db when needed. Otherwise, as your traffic goes up, a good portion of the systems load is going to be placed squarely on the db when it doesn't have to be.

Just some thoughts.

Later on,
BDKR
User avatar
gite_ashish
Forum Contributor
Posts: 118
Joined: Sat Aug 31, 2002 11:38 am
Location: India

Post by gite_ashish »

hi,

i fully agree with what BDKR says.

it's true that mysql is optimized and is made for web applications etc etc... but it will be wise NOT to keep the code into db.

some how i feel that putting code into db will create problems in quotes, newline (basically, string handling) management + the load will be increased on db as the web site hit count goes high.

and also think about -- how the code will be developed and deployed using the idea of storing the source code into db.

these are some of the point coming to my mind on first thought... definitely need to think more deep on the same....

regards,
User avatar
hob_goblin
Forum Regular
Posts: 978
Joined: Sun Apr 28, 2002 9:53 pm
Contact:

Post by hob_goblin »

if you must...

Code: Select all

<?php
$code = '<? echo &quote;this \\n is some \\n code&quote;; ?>'; 

/* Assuming it came from an input, thats why it has double slashes */


//PUT THE CODE IN TO THE DB

//TAKE IT OUT
$code = stripslashes($thecodefromdb);
eval($code);

/* should print out:
this
is some
code */
?>
one thng though, if you want line breaks to come from a form, you will need to use "<textarea>" instead of "<input>"
Post Reply