PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hey all, I know you can parse variables in a string by encapsulating it in double quotes instead of singles, but I have a problem. I'm obtaining the string from file_get_contents(). Thus:
<?php
$var = get_file_contents(input.php);
exit;
</php
forces $var into a string. But there are variables in the input file! It doesn't parse them, so if I echo $var, it just reads something like My name is $var because it's acting like the string is encapsulated in single quotes! How can I change this behavior? I can't find any way to do it, and I need to parse the variables.
unless the file your getting is not local, your kind of stuck using eval.. although I would consider this a MAJOR security risk, especially if you don't control what is on that file.
That was exactly what I was looking for, thank you. Security is no issue on this go-around just because all the file contains is HTML code (for an email template). Do you think, though, that you could enlighten me on what is wrong with using this function security-wise? From what I can tell, it just returns PHP code, which is then processed normally by the server. Why would that be risky?