properly escaping strings in eval - hideous syntax problem
Posted: Sun Jun 15, 2003 9:31 pm
This has been a real headache.
I need to define a string and then eval it later once the $vars have been declared (this will let me define a single "perform search" method in a parent - otherwise I have to duplicate the code in several childs although $link is the only unique bit for each child).
Here's what I did - a bit of a hack (str_replace !) but works:
The manual doesn't give a lot of help with preparing concatenated strings for eval. And after several hours that's the best I can work out.. but I must be doing something wrong if I need to str_replace ?
I need to define a string and then eval it later once the $vars have been declared (this will let me define a single "perform search" method in a parent - otherwise I have to duplicate the code in several childs although $link is the only unique bit for each child).
Code: Select all
<?php
$link = '(dupe info: ID' . $tid . ') <a href="index.php?page=forum_lp_' . $this->terms_string_GET . '_' . $tid . '_1_1">' . $result['board_title'] . ' | ' . $result['title'] . '</A><br />';
?>Code: Select all
<?php
// RULES:
// $array['key'] creates an error - declare $var = $array['key']; first and use $var
// concatenate string and '$var' elements (enclose $vars within single quotes)
// if vars followed by certain chars (underscore - et al?) write like this: ' . $var . ' and then str_replace later to strip ' . '
// using " instead of ' in $string doesn't seem to work
$string = '(dupe info: ID' . '$tid' . ') <a href="index.php?page=forum_lp_' . ' . $terms_string_GET . ' . '_' . ' . $tid . ' . '_1_1">' . '$board_title' . ' | ' . '$title' . '</A><br />';
// declare vars
$tid = 12;
$terms_string_GET = 'search_terms';
$result['board_title'] = $board_title = 'I am a board title.';
$result['title'] = $title = 'I am a topic title.';
// eval
eval("\$link = "$string";");
$link = str_replace(' . ', '', $link);
?>