I'm trying to create a block of PHP code within HTML such that when the user loads the page, it displays their IP address and time/date as the user in an email address.
I'm using apache on fedora21, and have enabled PHP (tested with phpinfo() function in the same HTML file).
Here is the code I'm trying to execute:
<? echo '<a href="mailto:'.$REMOTE_ADDR.'_'.date('y-m-j').'-#example.com" title="There is no spoon">For stupid spambots'; ?>
It just prints For stupid spambots'; ?> without printing the generated email address.
<? echo 'For stupid spambots'; ?>
Need to close <a href at first, and if you want to return IP its $_SERVER['REMOTE_ADDR'] not $REMOTE_ADDR except you define that variable before.
Judging from the fact that you can see closing ?>, I deduce that your PHP code doesn't run at all and is interpreted like regular HTML.
There might be several reasons why (badly configured Apache being one of them), but my prime suspect is that you have disabled short PHP tags. Try using <?php instead of <?.
You used the syntax of an html anchor wrong. Consider this:
<?php
$address = sprintf('%s_%s-#example.com', $_SERVER['REMOTE_ADDR'], date('y-m-j'));
echo sprintf('%3$s: %1$s',
$address,
'There is no spoon',
'For stupid spambots');
?>
You have to print the address into the visible text content of the anchor definition if you want it to be visible. You only but the "For stupid spambots" string in there which is what got displayed.
( Note that I just used the sprintf() calls to keep the lines short and readable. Obviously this also works with traditional string concatenation. )
Related
I'm making a website where a user should be able to use HTML and CSS in their profiles but I came across one problem.
<?php
$profile = "<h1>THIS IS A TEST</h1>";
echo htmlentities($profile);
?>
That's my code, but it only show this in the profile:
<h1>THIS IS A TEST&</h1>
I don't know what is happening, nor do I know if this only happens to me.
How do I make it show only the h1 content?
Function htmlentities is showing the representation of html characters like tags etc., and is being used especially to avoid parsing as html. So if you mean to echo html so that the browser parses it as html, the last thing you want is to use this function! Just echo it out directly, no need to use htmlentities or htmlspecialchars!
You just have to use echo $profile;, that's all. Check this and don't forget to check Display as HTML as browsers display PHP echoed text as HTML unless they're told to display it differently.
I think what I'm trying to do must be impossible; incredibly difficult; or pretty easy, and I just don't know how to express what I want correctly to Google.
What I want to do is the following:
For the purposes of templating, I am outputting HTML to a file. However, I want the file to contain PHP tags - not the parsed value of the PHP code (this value will change based upon included scripts in the output file) - but the actual <?php ?> tags themselves - containing the unmodified code, such that the code is still executable at run time.
This is an example of what I want to get outputted:
<html>
<body>
<img src="<?php echo IMG_PATH;?>img.jpg" />
</body>
</html>
What I'm getting is a combination of things that are wrong, depending on which method I use. Basically, I need to be able to write parsable PHP code to a HTML file. Now, whether or not this is a good idea is debatable, and a subject I'm not too interested in at the moment. I just want to know if a sane solution exists.
I came up with the following insane solution:
$content='<html><body><img src="zxzxzx?php echo IMG_PATH; ?qjqjqj" />';
file_put_contents($file,$content);
$command='perl -p -i.bktmp -e "s/zxzxzx/</g" '.$file.' 2>'.$path.'error.log';
$command2='perl -p -i.bktmp -e "s/qjqjqj/>/g" '.$file.' 2>'.$path.'error.log';
exec($command);
exec($command2);
Now, on one hand, this feels devilishly clever. And, it also feels insane. Is there a better/possible way to do this?
You are misinterpreting how PHP operates. The following code:
<?php
echo 'This string <?php echo 'contains' ?> some PHP code';
Will produce as output
This string <?php echo 'contains' ?> some PHP code
You will NOT get:
This string contains some PHP code
PHP's parser is not recursive. PHP code embedded inside PHP code, e.g. inside a string, as it is above, is NOT treated as PHP code - it'll just be some text.
If you want to write out some PHP code, then just write it out:
$string = 'This string <?php echo 'contains' ?> some PHP code';
file_put_contents('file.php', $string);
You don't need to take any special measures for the PHP code in the string to be written out, it'll just "work".
Now, that being said, if you ever put that string into a context where it COULD be evaluated as code, e.g.
eval($string);
then you WILL have to take measures to keep PHP from seeing the opening <?php tag and switching into "code mode".
Instead your HTML file needs to be a PHP file. See below:
File: test.php
<html>
<head>
</head>
<body>
<? echo 'My PHP embedded in HTML'; ?>
<img src="<? echo $imagePath; ?>"/>
</body>
</html>
Ok, someone has just shown me a piece of PHP code and at the end of the file I've seen a stray <?php } ?> . I thought that should give a compilation error, but it doesn't.
Why is:
<?php
if(1==1){
?>
X
<?php } ?>
valid?
Is it safe to split a statement into multiple php blocks?
PS: I was expecting for something more from the answers then "yes" :D
Yes that is fine, but I would suggest:
<?php if(1==1):?>
X
<?php endif; ?>
It makes it a little more readable then random { and }
From the manual:
Everything outside of a pair of opening and closing tags is ignored by
the PHP parser which allows PHP files to have mixed content. This
allows PHP to be embedded in HTML documents, for example to create
templates.
Welcome to the mysterious world of PHP.
Safe? Yes.
Readable? Not really.
Avoid mixing your PHP logic with your HTML where possible. There are few times when this is a good idea, as it makes reading through and understanding your code difficult.
Yes, this is fine.
It's often useful to drop out of "php mode" for large blocks of HTML - you'll see this technique used anywhere HTML and PHP are mixed.
It is valid, but not recommended if you want to have a code that is maintainable and readable in the long run.
You must bear in mind that every time you "exit" from PHP, you are entering HTML.
I have a following question. I have put a long text (variable type LONGTEXT) into MYSQL database - through command line. Somewhere in this text there's a <br> tag, and near the end of text there's <?php phpinfo(); ?>. If i type SELECT * FROM mytable WHERE id=1, this whole text shows as it is, so it is unaltered (read: both <br> AND <?php phpinfo(); ?> are there. But when I submit query via php like this:
if (mysql_num_rows($result) > 0) {
while($row = mysql_fetch_row($result)) {
echo $row[1];
}
}
Then the text is displayed exactly as I want it on my webpage, that means that <br> tag is processed by the browser as newline, AND <?php phpinfo(); ?> part is IGNORED. That is actually exactly what I want. But my question IS: WHY doesn't <?php phpinfo(); ?> part get processed via browser?? Does the PHP's echo function ignore the <?php tag??
Thanks in advance for explanations.
Because echoing a string is not the same as evaluating it.
PHP generates HTML, which is then processed by the browser. However a string containing PHP code won't be evaluated unless you specifically put it through eval() (hint: DON'T!)
Browsers don't process PHP. It is a server side technology.
Your PHP is reading some text from the database and outputting it to the browser. That the text includes the string <?php is immaterial, it is output from the PHP programme, not part of the script.
When the browser parses it, it just looks like invalid HTML and it tries to perform error recovery (more or less ignoring it as an unrecognised tag).
try this in a new empty browser window:
javascript:document.write('<b>hello <?php ?> is here!</b>');
Then open up firebug/inspector.
In safari, the <?php ?> thing seems to be interpreted as/converted to a comment.
PHP echoes anything you throw to it. If you want to execute the longtext, use eval, if you want to properly display it, you could use the http://php.net/manual/en/function.htmlentities.php function for example.
I am creating site with php.
On localhost all works well.
On my hosting all looks good too, but on top of page i see "?>". In my code these symbols are absent.
What is this?
It could be that your code uses short open tags (<? instead of <?php) and your hosting provider has short open tags turned off. That would mean, however, that your PHP code is not interpreted at all. It could also mean that your hosting provider doesn't support PHP at all, or only for certain file types.
Take a look into the page's source code to check whether that is the case.
The fact that you see that on top of the page could mean one or more things.
It seems you have typed in ?>
outside of a php block
You may be using short tags <?
instead of long <?php and the host
has short tags turned off
Out of these its most likely you have a closing ?> in your code without a corresponding open <?php tag
Are you sure yu're seeing ?> and not something like >>? ?
Otherwise, this smells like a PHP-EndTag which was never opened...check your code.
If you have a empty lines in your sourcefile before the opening <?php-tag, then those empty lines could get outputted unintenionally. If your script should start with <?php on top, remove all the empty lines above it.