I have two files like below
SomeClass.php
class SomeClass {
public function display() {
$content = file_get_contents("helloworld.php");
eval($content);
}
public function helloWorld() {
echo "hello World!";
}
}
helloworld.php
<?php
$this->helloWorld() ;
?>
<p>It's html expression</p>
As you can see, I tried to execute helloworld.php in the display function.
Of course, It occur an error because the html tag is placed in the display function.
Is there any good way to execute helloworld.php text in the display function preserving helloworld.php code?
If you're trying to execute a specific file in the context of the current code, why not use include or require?
Remember, if eval is the answer, the question is wrong.
If you really want to use eval here,
eval('?>' . $content);
should work. Yes, you can close and reopen the PHP tag inside. This is how certain template engines work.
You can capture it with output buffering.
ob_start();
include "helloworld.php";
$content = ob_get_contents();
ob_end_clean();
There is no way to do this, unless you want to do string concatination.
I tested this with a few minor changes to the helloworld.php file as such it works:
$this->helloWorld() ;
?><p>It's html expression</p>
This shows that the text is run raw as if it were hard included.
Now if you DONT or CANT change the open <?php tag, you can go one of two ways.
The easy way (String Concatenation):
public function display() {
$content = file_get_contents("helloworld.php");
eval('?>' . $content); //append a php close tag, so the file looks like "?><?php"
}
The harder way (String Replace):
public function display() {
$content = file_get_contents("helloworld.php");
//safely check the beginning of the file, if its an open php tag, remove it.
if('<?php' == substr($content, 0, 5)) {
$content = substr($content, 5);
}
eval($content);
}
you can use include or require for this purpose.
Related
I was wandering if it were possible to store a html schema page with special strings to replace with variable and how to do it.
In an external file, I would like to put the html structure of a product, let's call it schema.php:
<span id="{% id %}">{%= name %}</span>
<span>{%= imageURL() %}</span>
The example above is just a simpler example. In the external file, the html would be more complex. I know that if there were just few lines I could just echo them with a simple function but this is not the case.
In another file I have a class that handle products, let's call it class.php:
class Product {
//logic that is useless to post here.
public function imageURL() {
return "/some/url".$this->id."jpg";
}
}
In this class I would like to add a function that take the content from schema.php and then echo it in the public file for users.
I tried with file_get_contents() and file_put_contents() but it just doesn't work:
$path_to_file = 'data/prodotti/scheda.inc';
$file_contents = file_get_contents($path_to_file);
$file_contents = str_replace(
"{%= ",
"<?php echo $this->",
$file_contents
);
$file_contents = str_replace(
" }",
"; ?>",
$file_contents
);
file_put_contents($path_to_file, $file_contents);
is it possible to call schema.php page and print it with custom variables?
By "schema page" I think you mean "template" and yes, but the best way to do it is to use an existing templating engine such as Smarty or a Mustache implementation like https://github.com/bobthecow/mustache.php instead of implementing it yourself because of the risks of XSS, HTML-injection, and how you'll eventually want features like looping and conditionals.
you can do it normaly with php require func. without any strings to replace, if you just want to use that file as "template" then:
in schema.php:
<?php
echo'<span id="'.$id.'">'.$name.'</span>
<span>'.$imageURL.'</span>';
?>
in class.php:
<?php
class Product {
//logic that is useless to post here.
public function imageURL() {
return "/some/url".$this->id."jpg";
}
}
$imageURL = imageURL(); ?>
Index.php or whatever the main page that handles class.php and temp.php(schema)
<?php
//avoid undefined variables on errors
//in case that you don't check for values submitted
$id = 0;
$name = 0;
$imageURL = '';
//set vars values
$id = /*something*/;
$name = /*something 2*/;
$imageURL = /*something3*/;
//all date will be replaced is ready, oky nothing to wait for
require('path/to/schema.php');
Note: If you gets these data from user, then you should validate with if(isset()).
hope that helps,
So I have a case were I need to interpret a PHP file and then put it in a variable as a string.
I have this some what common helper function to do this:
function ob ($path) {
ob_start();
include($path);
$string = ob_get_contents();
ob_end_clean();
return $string;
}
Just give it the path and it will give you the string after it has been interpreted. Works great.
However I also need to send it a variable. I tried just appending a GET request string to the path, but it appeared not to work. The function prototype would look like this:
// how would I implement this?
function ob ($path, $variable_to_send) {
}
How should I do this?
Simply use a global variable.
Set it in one file like this:
$GLOBALS['arg'] = 'test';
Access it in another file similarly:
$arg_passed = $GLOBALS['arg'];
If you wanted to architect this a bit more use the registry pattern.
Note this assumes that this is the same HTTP request. If you need persistence across HTTP requests use session variables.
Let the external script is external.php:
<?php
echo $argument;
?>
and the caller scrip is caller.php (on the same folder of external.php):
<?php
function ob ($path, $argument) {
ob_start();
include($path);
$string = ob_get_contents();
ob_end_clean();
return $string;
}
$out = ob("external.php","Ciao");
echo "$out Cade";
?>
The result will be:
Ciao Cade
I'm working on a project where I'm keeping all HTML content separate from the rest of the PHP code. Each instance where any HTML needs to be parsed for PHP variables is sent through a function call. Most these deal with dynamic data from the database.
A simple example of a template file:
<div id='{$data['id']}'>{$data['text']}</div>
The variables in the $data array are passed through a function call where the HTML snippet needs to be added to the output buffer:
$output .= $html->load_template('template_id', array('id' => 123, 'text' => 'Testing'));
The html::load_template() function simply locates the correct text file, and is supposed to load the variables and return the string as HTML. This is where I'm having issues:
public static function load($template, $data=array()) {
ob_start();
include ( TEMPLATE . $template .'.tpl' );
ob_flush();
}
I've tried using include() and file_get_contents(), but to no avail - I'm looking for a simple solution where I can use the {$data['var']} syntax, preferably retaining the template HTML as a simple variable, so it can then be added to the output.
I'm trying to avoid using eval().
Can someone give me some guidance?
I've done the same thing in the past, you can modify your below code like this:
public static function load($template, $data=array()) {
ob_start();
include ( TEMPLATE . $template .'.tpl' );
$getData = ob_get_clean();
preg_match_all("|{([^>].*)}|U", $getData, $getDataArr, PREG_SET_ORDER);
if (is_array($getDataArr) && count($getDataArr) > 0) {
foreach ($getDataArr as $php) {
if (strpos($php[1],'$') !== false) {
$getData= str_replace($php[0], (eval('return $'.str_replace('$', '', $php[1]).';')), $getData);
}
}
}
echo $getData;
}
I am working on a simple template engine, and I was wondering if it's feasible to include the template file multiple times, once for each time the template is rendered. It basically goes like this:
function rendering_function_in_rendering_class()
{
include $path_to_templates . get_class($this) . 'template.php';
}
And then in the template file:
<h1>Hello, <?php echo $this->awesomename ?>!</h1>
This function does exactly what you need:
<?php
function embed($file, $vars) {
ob_start();
extract($vars, EXTR_SKIP);
include($file);
$content = ob_get_contents();
ob_end_clean();
return $content;
}
?>
It takes file path as a first parameter and key/value array of variables which will be extract into the scope such that your template will be able to use them directly in HTML like this:
<h1><?php print $title; ?></h1>
No, functions in PHP may only be defined once. However, you can make more than one instance of each class:
$this1=new rendering();
$this2=new rendering();
echo $this1->awesomename;
echo $this2->awesomename;
Or use a function instide a class without the class being initialized:
$rendering::rendering_function_in_rendering_class();
Does that answer your question?
I've got a script that runs a custom email obfuscation class's Obfuscate() function on the content before displaying it, as follows:
ob_start(array($obfuscator, "Obfuscate"));
include('header.php');
print($html);
include('footer.php');
ob_end_flush();
That all works great. However, I've completely rewritten my view architecture, so I need to run the email obfuscation from within a class function and return that string (which then gets echoed). I initially rewrote the above as:
ob_start(array($this->obfuscator, "Obfuscate"));
include('header.php');
echo($this->content);
include('footer.php');
$wrappedContent = ob_get_contents();
ob_end_clean();
Unfortunately, the $this->obfuscator->Obfuscate() callback is not being fired. I have since learned that ob_get_contents() does not fire the callback, but have tried ob_get_clean() & ob_get_flush() to no avail as well.
So, how can I get the contents of the buffer after the callback has been fired?
Of course, I was overlooking the fact that the only reason to use the callback on ob_start() was because I wanted to run Obfuscate() on the content before it was flushed, but if I'm getting that content back I don't need to run a callback! So, not using a callback and just running ob_get_clean()'s results through Obfuscate() does what I wanted. Doh!
ob_start();
include('header.php');
echo($this->content);
include('footer.php');
return $this->obfuscator->Obfuscate(ob_get_clean());
Change
ob_end_clean();
with
ob_clean()
Will trigger .
This is the code eg I tried
<?php
class Obfuscate {
public function __construct()
{
}
public function getObfuscate()
{
return "obfuscate";
}
}
class Example
{
public function hello( $obfuscator )
{
ob_start(array( $obfuscator, 'getObfuscate' ));
include('header.php');
echo "Thi is a content ";
include('footer.php');
$wrappedContent = ob_get_contents();
ob_clean();
}
}
$obfuscator = new Obfuscate();
$example = new Example;
$example->hello($obfuscator);
ob_clean();