Storing php code in a database
Moderator: General Moderators
Storing php code in a database
I´m trying to build my own little content management system and I want to be able to add modules to it. The simplest would of course be to store modules in separate files for inclusion, but if it would be possible to store the php code in a MySQL DB for later execution it would work wonders for me. Is it possible to do so and in some way keep linebreaks and such intact ?
Thanx in advance for any ideas.
Thanx in advance for any ideas.
I dont use \n, actually, hehe. It works for me jsut y doing:
I dont know if that is SUPPOSED to work, but it doe for me, and then i'd just put $bla into the DB. As for the usage of " inside of other double quotes, make them sing quotes (')...you could do a replace function thingy to make " = '....or jsut make them single quotes in the first place...than shove it into ur happy DB.
Code: Select all
$bla = "hey
new lines!";take a look at the mysql_real_escape_string and mysql_escape_string manual pages
You want to be careful with the idea of storing code in a database. It does work, but there are security issues. That's the reason the eval function is needed.
Also, what if the db crashes or the host drops the ball and turns it off or some other stupid manuever? I feel it's best to keep code out of the db's for this very reason.
One more thing to consider is the experience of others. Slashdot.org learned some big lessons on 9/11 of last year. Their site took HUGE amounts of traffic
They had to work like dogs to keep the system up! One thing they've changed since is to keep as much static information as possible OUT of the databases. That also includes code. Only go back to the db when needed. Otherwise, as your traffic goes up, a good portion of the systems load is going to be placed squarely on the db when it doesn't have to be.
Just some thoughts.
Later on,
BDKR
Also, what if the db crashes or the host drops the ball and turns it off or some other stupid manuever? I feel it's best to keep code out of the db's for this very reason.
One more thing to consider is the experience of others. Slashdot.org learned some big lessons on 9/11 of last year. Their site took HUGE amounts of traffic
Just some thoughts.
Later on,
BDKR
- gite_ashish
- Forum Contributor
- Posts: 118
- Joined: Sat Aug 31, 2002 11:38 am
- Location: India
hi,
i fully agree with what BDKR says.
it's true that mysql is optimized and is made for web applications etc etc... but it will be wise NOT to keep the code into db.
some how i feel that putting code into db will create problems in quotes, newline (basically, string handling) management + the load will be increased on db as the web site hit count goes high.
and also think about -- how the code will be developed and deployed using the idea of storing the source code into db.
these are some of the point coming to my mind on first thought... definitely need to think more deep on the same....
regards,
i fully agree with what BDKR says.
it's true that mysql is optimized and is made for web applications etc etc... but it will be wise NOT to keep the code into db.
some how i feel that putting code into db will create problems in quotes, newline (basically, string handling) management + the load will be increased on db as the web site hit count goes high.
and also think about -- how the code will be developed and deployed using the idea of storing the source code into db.
these are some of the point coming to my mind on first thought... definitely need to think more deep on the same....
regards,
- hob_goblin
- Forum Regular
- Posts: 978
- Joined: Sun Apr 28, 2002 9:53 pm
- Contact:
if you must...
one thng though, if you want line breaks to come from a form, you will need to use "<textarea>" instead of "<input>"
Code: Select all
<?php
$code = '<? echo "e;this \\n is some \\n code"e;; ?>';
/* Assuming it came from an input, thats why it has double slashes */
//PUT THE CODE IN TO THE DB
//TAKE IT OUT
$code = stripslashes($thecodefromdb);
eval($code);
/* should print out:
this
is some
code */
?>