copy('https://graph.facebook.com/$fbid/picture?type=large', 'images/$fbid.jpg');
i am using the above code to store the image locally ..
the above code works without the variable. As it does not executes php in it so it is useless with links containing php variables....
The code works with a definite url is provided...
i wanna use the above url of source and destination respectively to get image...
please suggest me any other workaround or way that allows the links with variables to be executed ....
Your strings are wrapped in ' ', to use variable interpolation, you need to wrap yours strings in " ", so copy("https://graph.facebook.com/$fbid/picture?type=large", "images/$fbid.jpg"); will work.
Also, to make it clearer, it's possible to wrap your variables in { }, so "Hello {$world}" will, assuming $world contains "World", print "Hello World".
There's a few other gotchas, so have a look over the PHP manual page for strings I've put at the bottom of this post.
Ref: http://php.net/manual/en/language.types.string.php
Related
I have a settings page in my Wordpress Admin Panel where I save some HTML code(with some PHP code in it) as a Wordpress Option, using update_option.
In phpmyadmin, the value is stored exactly like this:
<img src = \"<?php bloginfo(\'template_directory\'); ?>/images/flexslider/phone.png\">
It works perfect until I try to actually make the code work in a page. I'm printing it like this:
<?php echo urldecode(get_option('wp_slider_code')); ?>
This, unfortunately, prints the PHP code as it was HTML code. So the PHP code doesn't actually get executed; it's treated like a text, the url becoming:
<?php bloginfo('template_directory'); ?>/images/flexslider/phone.png
What can I do to make this PHP code get executed when I echo it on a page?
You have to use the eval() built-in function:
eval( $YourString );
(Edit:) If $YourString return a result, to cath the result you have to use:
$result = eval( $YourString );
Please note:
Caution
The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand.
Read mor on PHP Documentation.
This should be incredibly simple but i can't seem to figure it out.
I have the following code
<?php
$bookingid='12345';
include_once('phpToPDF.php') ;
//Code to generate PDF file from specified URL
phptopdf_url('https://google.com/','pdf/', $bookingid.pdf);
echo "<a href='pdf/$bookingid.pdf'>Download PDF</a>";
?>
It echo's correctly however when it comes to generate the pdf...
phptopdf_url('https://google.com/','pdf/', $bookingid.pdf);
...it misses out the fullstop so it generates 12345pdf whereas it should be 12345.pdf.
Again, i apologise for the probable simplicity of this but i can't seem to figure it out.
$bookingid.pdf
It tells php to concatenate variable $bookingid with constant pdf. Since constant pdf is undefined, it is casted to string and concatenated. Proper code will look like:
$bookingid . '.pdf'
or
"$bookingid.pdf"
This should be
$bookingid.".pdf"
PHP is seeing a string concatenation, concatenating pdf' to $booking. pdf is an undefined string, so PHP helpfully assumes that you mean the text itself, but it misses the full stop you also need.
I'm writing a script (in PHP) which will go through a PHP file, find all instances of a function, replace the function name with another name, and manipulate the parameters. I'm using get_file_contents() then strpos() to find the positions of the function, but I'm trying to find a good way to extract the parameters once I know the position of the start of the function. Right now I'm just using loop which walks through the next characters in the file string and counts the number of opening and closing parentheses. Once it closes the function parameters it quits and passes back the string of parameters. Unfortunately, runs into trouble with quotes enclosing parentheses (i.e. function_name(')', 3)). I could just count quotes too, but then I have to deal with escaped quotes, different types of quotes, etc.
Is there a good way to, knowing the start of the function, to grab the string of parameters reliably? Thank you much!
EDIT:
In case i didn't read the question carefully, if you want to only get function parameters,you can see these example :
$content_file = 'function func_name($param_1=\'\',$param_2=\'\'){';
preg_match('/function func_name\((.*)\{/',$content_file,$match_case);
print_r($match_case);
but if you want to manipulate the function, read below.
How about these :
read file using file_get_contents();
use preg_match_all(); to get all function inside that file.
please not that i write /*[new_function]*/ inside that file to identify EOF.
I use this to dynamically add/ delete function without have to open that php files.
Practically, it should be like this :
//I use codeigniter read_file(); function to read the file.
//$content_file = read_file('path_to/some_php_file.php');
//i dont know whether these line below will work.
$content_file = file_get_content('path_to/some_php_file.php');
//get all function inside php file.
preg_match_all('/function (.*)\(/',$content_file,$match_case);
//
//function name u want to get
$search_f_name = 'some_function_name';
//
for($i=0;$i<count($match_case[1]);$i++){
if(trim($match_case[1][$i]) == $search_f_name){
break;
}
}
//get end position by using next function start position
if($i!=count($match_case[1])-1){
$next_function= $match_case[1][$i+1];
$get_end_pos = strripos($content_file,'function '.$next_function);
} else {
//Please not that i write /*[new_function]*/ at the end of my php file
//before php closing tag ( ?> ) to identify EOF.
$get_end_pos = strripos($content_file,'/*[new_function]*/');
}
//get start position
$get_pos = strripos($content_file,'function '.$search_f_name);
//get function string
$func_string = substr($content_file,$get_pos,$get_end_pos-$get_pos);
you can do echo $func_string; to know whether these code is running well or not.
Use a real parser, like this one:
https://github.com/nikic/PHP-Parser
Using this library, you can manipulate the source code as a tree of "node" objects, rather than as a string, and write it back out.
Very simply, i want to make a variable reads the html code as string ,, i mean dont execute it (run it) .
the problem with the code is : i have a html file , and i want to get the content of it , and make some preg_replace for it (run a function on the html code), the problem is i cant use preg_replace, or any another function because the html code is executed by php (php reads the html code)..
i wish you understand me, i want something like highlight_string, but it save the html code in the variable.
Thank you.
you're probably trying to include or require the HTML code.
which is incorrect since it is evaluated as part of the source.
instead, use a function such as file_get_contents() to read the file into a string.
Use file_get_contents() as #David Chan suggested and then pass the result through htmlentities()... it converts the characters to HTML entities (i.e., < to <).
$getTheContent = file_get_contents($filepath);
echo htmlentities($getTheContent);
It should return the code, not executed.
I have a string that has HTML & PHP in it, when I pull the string from the database, it is echo'd to screen, but the PHP code doesn't display. The string looks like this:
$string = 'Hello <?php echo 'World';?>';
echo $string;
Output
Hello
Source Code
Hello <?php echo 'World';?>
When I look in the source code, I can see the php line there. So what I need to do is eval() just the php segment that is in the string.
One thing to consider is that the PHP could be located anywhere in the string at any given time.
* Just to clarify, my PHP config is correct, this is a case of some PHP being dumped from the database and not rendering, because I am echo'ing a variable with the PHP code in it, it fails to run. *
Thanks again for any help I may receive.
$str = "Hello
<?php echo 'World';?>";
$matches = array();
preg_match('/<\?php (.+) \?>/x', $str, $matches);
eval($matches[1]);
This will work, but like others have and will suggest, this is a terrible idea. Your application architecture should never revolve around storing code in the database.
Most simply, if you have pages that always need to display strings, store those strings in the database, not code to produce them. Real world data is more complicated than this, but must always be properly modelled in the database.
Edit: Would need adapting with preg_replace_callback to remove the source/interpolate correctly.
You shouldn't eval the php code, just run it. It's need to be php interpreter installed, and apache+php properly configured. Then this .php file should output Hello World.
Answer to the edit:
Use preg_replace_callback to get the php part, eval it, replace the input to the output, then echo it.
But. If you should eval things come from database, i'm almost sure, it's a design error.
eval() should work fine, as long as the code is proper PHP and ends with a semicolon. How about you strip off the php tag first, then eval it.
The following example was tested and works:
<?php
$db_result = "<?php echo 'World';?>";
$stripped_code = str_replace('?>', '', str_replace('<?php', '', $db_result));
eval($stripped_code);
?>
Just make sure that whatever you retrieve from the db has been properly sanitized first, since you're essentially allowing anyone who can get content into the db, to execute code.