Page 1 of 1

Setting up a var for a word in a text that comes in POST

Posted: Sun Dec 31, 2006 7:05 am
by eyal
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I have a var which contains a big amount of text (actually, it's contains HTML code). With in this var, there is a few time the single word "$name".
My Questioin is how do I change the "$name" words in this large amount of text from "$name" to the actual value of the var "$name".
That problem happens only when the var comes from POST and the "$name" var is being set only after it's recive the var.

For Example, When I write something like this:

Code: Select all

<?
$html_code=$_POST["html_code"];
$name="Alex";
// "$html_code" contains a large amount of code, and in a few places theres the word "$name".
echo $html_code;
?>
It's writes the $html_code var, altough when it comes to the word "$name", it show "$name", not "Alex".
I hope I made myself clear.

The reason for this code is because I'm writing a newsletter sending script, and it's sending the same message to alot of diffrent peoples which all has a diffrent names, of course.

Thank you.


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Sun Dec 31, 2006 7:26 am
by mickd
Have a look at the str_replace function :)

Posted: Sun Dec 31, 2006 8:19 am
by onion2k
If it's all your code and you implicitly trust it, and the places that say $name are exactly that text, then you could use eval(). Something like...

Code: Select all

$newsletter = eval("return \"".$_POST["html_code"]."\";");
Obviously this would be a huge security issue if there's any chance someone nasty could access the form.

Posted: Sun Dec 31, 2006 11:45 am
by Ollie Saunders
Obviously this would be a huge security issue if there's any chance someone nasty could access the form.
In this case huge is an understatement. I wouldn't ever write that, ever, not even on my own isolated development environment for a project purely for myself.

Posted: Sun Dec 31, 2006 12:55 pm
by eyal
I would like to thank to everyone who replied for my question. Thanks to you I managed to solve the problem.