Database Driven Template Engine Tutorial (needs work)

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
calfellows
Forum Newbie
Posts: 10
Joined: Mon Apr 07, 2008 3:10 am

Database Driven Template Engine Tutorial (needs work)

Post by calfellows »

Hello,
Some of you may find this interesting, a tutorial on creating mysql dbase
and dbase driven template engine: The script still needs some work, is not
yet functional, and I would just love to see this thing finished and available.
Posting this with "high hopes", and will monitor this thread....
http://www.mished.co.uk/showthread.php?t=12
Cal
Last edited by calfellows on Tue Apr 08, 2008 12:36 pm, edited 1 time in total.
User avatar
lafever
Forum Commoner
Posts: 99
Joined: Sat Apr 05, 2008 2:03 pm
Location: Taylor, MI

Re: Database Driven Template Engine Tutorial (needs work)

Post by lafever »

I just skimmed through it, you should post a demo.

Also, add some security to it. It has inject me written all over it.
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Re: Database Driven Template Engine Tutorial (needs work)

Post by matthijs »

Also, increasing the text size a bit and using color coding for the code would make it readable. Quite important for an article ;)
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Re: Database Driven Template Engine Tutorial (needs work)

Post by John Cartwright »

I haven't actually read the tutorial, just took a quick peek. Some glaring issues I see,

1. SQL injection -- you don't escape any of your input parameters, and sometimes even use raw input from the query string without even checking for it's existance first. Ouch.
2. Unquoted arrays will produce E_NOTICE notices, hint.. try putting error_reporting(E_ALL);
3. Use of eval should be avoided at almost all cost

Code: Select all

eval('$header = "' . fetch_template('header') . '";');
eval('$footer = "' . fetch_template('footer') . '";');
eval('$stylesheet = "' . fetch_template('stylesheet') . '";');
:banghead:

Code: Select all

 
$header = fetch_template('header');
$footer = fetch_template('footer');
$stylesheet = fetch_template('stylesheet');
calfellows
Forum Newbie
Posts: 10
Joined: Mon Apr 07, 2008 3:10 am

Re: Database Driven Template Engine Tutorial (needs work)

Post by calfellows »

This is not my work or tutorial at all, just something
I found interesting, looks helpful or inspiring to kickstart
people into the php/mysql arena.

Any pros here that can help to get this monster rolling?
It's got several problems and a fatal error, will not run at
all, currently.
Cal...
Last edited by calfellows on Fri Apr 11, 2008 4:55 pm, edited 1 time in total.
calfellows
Forum Newbie
Posts: 10
Joined: Mon Apr 07, 2008 3:10 am

Re: Database Driven Template Engine Tutorial (needs work)

Post by calfellows »

Hello,

Chris just posted an update, a working
version with install file to create dbase.

This thread is located at:
http://www.mished.co.uk/showthread.php?p=24

Cal
Post Reply