Well, I've gone over this atleast 30 times, tried as many possible combinations that I could think of, can you spot the syntax error? (I can't, obviously). It doesn't display what it should be, instead it displays the actual html of the page!
The Code:
$ct->data[$key][1] =
'<input id="quantity" name='."items[<?=$product_id;?>]".
'type="text" value="'.$ct->data[$key][1].'"
style="background:#FFFFFF url(qty.png) no-repeat 4px 4px;
Can someone please tell me what I've done wrong? Any help/advice at all is appreciated.
Thanks!
What is this?
name='."items[<?=$product_id;?>]".' type=
I think you meant
name="items[' . $product_id . ']" type=
Using short tags is a very bad practice. It makes code harder to read and it isn't enabled by default on most environments. Which can lead to mistakes like this one.
Always use the full <?php (and not <?) and <?php echo "string" instead of <?="string">. This will prevent many mistakes.
Then, it looks like you're trying to evaluate PHP in strings. echo "echo 'test'"; will never print test, it will always print echo 'test'. It's the same thing for items[<?=$product_id;?>]. First of all, it isn't even a valid PHP syntax and second of all, even if it was really, you can use $product_id without any other modification : items[$product_id]. (edit: actually, I'm not even sure what you're trying to do here).
I'm not going to go over all your code, but it seems like you lack the basics of the language. It may be good to review them!
Related
I am trying to create a dynamic FAQ page. I have the following phtml sample :
<div id="faq">
<!-- Start FAQ "Navigation" -->
<div class="faqBox">
<? foreach($this->aFAQ as $k => $val) : ?>
<?= ($val['mQuestion']); ?>
<?= ($val['mAnswer']); ?>
<? endforeach; ?>
</div>
</div>
Which outputs as follows:
For additional payment options - check or money order, please contact us at iBrandingLevel == 2 ? $this->oStore->getSuppPhone()." Monday to Friday ".$this->oStore->getSuppHoursOpen()." - ".$this->oStore->getSuppHoursClose()." ".$this->oStore->getSuppTimeZone() : "(888) 455-3237 x2 from Monday to Friday 8:00am - 4:30pm MST/Arizona."; ?>
The above text is just the first $val['mAnswer'] (I didnt include the question as that is working properly).
The html is being rendered however obvoiusly the php isn't. the <? and ?> are being removed and just code is displaying. Is there a fix for this? or is my approach fundamentally wrong.
thanks
Your approach is fundamentally wrong, you are outputting PHP code as if it was HTML text and try to execute it.
It is possible to execute code from a string, you can look at the Eval method (http://php.net/manual/fr/function.eval.php) in PHP, but it is not recommended to do this. There are better ways to resolve your specific issues than to output PHP code directly.
What you could do is send a few variables to the view, and use if conditions there.
You could also prepare the full string you need before the view and then all that would be needed is to display it.
To elaborate a little about Eval :
1- If the code you execute within the Eval comes from a user, it is extremely dangerous.
2- If not, there is very often a better solution to the problem, using Eval makes it harder to debug.
Actually, I'm not sure I should answer this.
First, the answer to your request is the mixed eval ( string $code ) php function.
Second, FORGET IT. IMHO, this could be one of the most dangerous things you could think in.
Thanks everybody for the input and resulting discourse. The php code that was being stored in the database was not being input by users, it was all completely internal, however it still shouldn't be there.
I ultimately went through the database and set a %%variablename%% in place of the php code and then upon retrieval I wrote a script that would:
preg_replace("/\%\%variablename\%\%/", $desiredPhpcode, dbRetrievedString).
all instances of %%variablename%%.
It seemed the safer and more sound approach. I don't know if this is an IDEAL approach that anybody else could benefit from if caught in this circumstance or if it 'just works', but I thought I would share.
Thanks Again for the input it helped enormously
PHP is server-side language. Outputting it to client does not make any sense, as there is no one to interpret it.
echo '<td>'.$row_sv['name'].'</td>';
I don't want to use any target and changed it like this but it messed up my table
echo '<td><a href="'.$row_sv['website].'$row_sv['name'].'</a></td>';
something wrong?
To make such pieces clearer I prefer using templates. In your case that would be:
printf( '<td>%s</td>', $row_sv['website'], $row_sv['name'] );
No mess with the quotes and opening/closing tags.
You should use the following:
echo '<td>'.$row_sv['name'].'</td>';
You mixed up the quotes a bit:
echo '<td>'.$row_sv['name'].'</td>';
You deleted too much, and then messed up something that was ok to begin with.
Use:
echo '<td>'.$row_sv['name'].'</td>';
In addition to deleting too much, you also had $row_sv['website] instead of $row_sv['website'] which should've cause a parse error too (unless it was just a typo here).
In the future here, you could also paste the HTML output instead of saying "it messed up my table" -- it'll make it easier for you to see the problem as well as folks here, I am sure.
So I'm trying to do something extremely simple, and after reading through forums, and researching on google I still can't figure out why this is not working. But this is mostly like because I'm still a very much noobie programmer. I'm trying to send information through a url, and having a script pick it up using the $_GET super global.
Here's the link code, in a file called TESTFORM.php:
<p>
Here's a link:
ID
</p>
This is the TESTGET.php script:
<?php
if (isset($_GET['id']))
echo 'it is set<br />';
else
echo 'it is not set<br />';
?>
This yields in a "It is not set" appearing on the page every time. Any thoughts? Are there ghosts in my computer ruining my code? Thanks for taking the time to read through this! Happy coding!
I'm no PHP programmer, but I do know from HTML that computers (especially file names) don't "like" spaces. Try removing the spaces in the id = 5 code.
Your problem is the extraneous space here around the URL parameters:
ID
That will result in PHP seeing the parameter as $_GET["id_"]. The space gets converted into an underscore.
It's always best to use var_dump($_GET); or var_dump($_REQUEST) when you run into such problems. Secondarily it is sometimes helpful to get rid of isset in such cases. Albeit you have a custom error message in place of the language notices intended just for that.
Have you tried to remove spaces in your link?
ID
Code seems fine at a glance, have you tried removing the spaces in
?id = 5 to ?id=5
I'm probably blind to my own mistake again, but why doesn't 2011 become the default selected year? (The -- are for debugging, they show up that the if statement works correctly.)
for($year=1900;$year<=2050;$year++) {
if ($year==date("Y"))
echo "<option value='".$year."' selected='selected'>--".$year."</option>";
else
echo "<option value='".$year."'>".$year."</option>";
}
The selected='selected' should just work. (link) So it is either a stupid mistake(i really don't see one) or some effect from php..
UPDATE:
found the problem.. the ftp didn't overwrite the file properly. Now it works. Thanks for the fast help, when these things happen I always start doubting my own sanity. (cant send this as answer because i have a low rep)
PHP has no effect on the browser behaviour, so if it doesn't work, it is a stupid mistake in the HTML output. ;)
Best thing is checking if the selected variant is actually outputted. Could be that the comparison evaluates to false, so it's always the second line. A little debugging should point out fast what is wrong. Check the output in the browser or var_dump the values of $year and date('Y') to see if they return what you expect.
At first sight I see no error here. Do you have any Javascript that might influence the selection?
CTRL + SHIFT + R if you use firefox.
I had that problem very often too ..
It should be just the cache.
Btw.: You should rather use double quotes for html attributes. That's more "usual". :)
Are you checking the generated HTML? Maybe this code works well (it seems it does), but the problem is in select, or in another place.
I've got PHP and HTML code stored in a database table. When I get this data, I need to echo the HTML and process the PHP. I thought I could use eval() for this, which works, if I do this eval("echo 'dlsj'; ?> EVALED "); I get "dlsjEVALED" printed out.
The problem is, I get a fatal error when I run longer scripts. Things like:
Parse error: syntax error, unexpected '<' in /home/content.php(18) : eval()'d code on line 1
Best advice - never store php and html code in your database. And avoid eval() like the plague.
I can't really tell what's wrong with your code, as you haven't provided enough information. But even if I did have some advice, I don't think I could give it in good conscience.
You should redesign your whole application so that it doesn't require storing such things in the database. I can't imagine why it would be necessary.
just right der...........
eval('?>' . $content .'<?php');
You need to re-open php mode after the EVALED. Apparently you have to do this with <? rather than the full <?php.
As a rule eval is to be avoided. But rules are made to be broken. There's a thread at When is eval evil in php? that gives some less dogmatic advice.
Depending on what you want to do, it might be suitable to use a template file that you source, with text that will vary stored in a local variable prior to sourcing the template.
As for storing code to be executed in the DB... this does happen in some frameworks like Drupal to provide convenient extensibility, but then Drupal is pretty thoroughly scoured for security weaknesses.
Also if you're writing self-modifying code then you need to use eval(). Not sure if anyone has done that in php but it would certainly be interesting.
I would guess that you're trying to eval() something that contains an opening <?php tag. And that leads to the error at hand.
$contents = htmlentities($contents);
echo html_entity_decode(eval($contents));