0

I'm having trouble describing this issue, which is probably why I can't find the answer on google.. so I figured I would try getting help here. If I'm repeating this question, feel free to direct me to a link to the thread.

So basically the issue I'm having is I am trying to pass a variable to a function that contains some php code to be eval'd.

Here's the simplified version of the code:

function senduser($body) {

    $query = mysql_query("SELECT * FROM User_tbl");
    while ($row = mysql_fetch_array($query)) {

        echo eval($body);

    }

}

$body = 'Hello $row[\'user_first_name\'] <br>';
sendUser($body);

--

For some reason, the output isn't putting out what I want. I've gotten a few whitespace errors, and a few times I've gotten the code to output the plain text of the variable $body.

Any help is appreciated. Let me know if I need to clarify the issue further.

Improve this question
5
  • Does your $body variable contains "<?php" or "?>" ? Commented Feb 22, 2011 at 15:57
  • Please take care to format your questions properly if you expect others to answer them. Commented Feb 22, 2011 at 15:58
  • @Lada: Not necessary for eval() - it assumes the string contains raw PHP code. It won't parse a plaintext string and look for <?php ?> blocks - the whole string must be PHP code. Commented Feb 22, 2011 at 15:59
  • 1
    Oh good god. I can't even begin to fathom the horrors of the above. Don't use eval. Use a callback or an anonymous function, there's no need to do that... Commented Feb 22, 2011 at 16:00
  • Might just be me, but that code didn't make much sense. You're looping though the data returned from the query, but not really using it for each loop. And you assign $row inside the function, but only reference it outside. Commented Feb 22, 2011 at 16:00

4 Answers 4

Reset to default
1

I would change it to this:

function sendUser($body) {
    $query = mysql_query("SELECT * FROM User_tbl");
    while ($row = mysql_fetch_array($query)) {
        echo $body($row);
    }
}

And then call it like this (php 5.3+):

$body = function ($row) {
    return "Hello ".
        htmlspecialchars($row['user_first_name'], ENT_QUOTES, 'UTF-8').
        "<br />";
};
sendUser($body);

In php <= 5.2, it's a lot messier:

$body = create_function(
    '$row',
    'return "Hello ".'.
        'htmlspecialchars($row["user_first_name"], ENT_QUOTES, "UTF-8").'.
        '"<br />";'
);
sendUser($body);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

That isn't now eval works; it returns null unless you explicitly return a value. You're also missing quotes around the string, and a semicolon at the end of the statement.

To get it to echo something, you'd have to pass the echo as part of the code to be evaluated:

$body = 'echo "Hello $row[\'user_first_name\'] <br>";';

or, to get your code working as written, you'd have to return the formatted string:

$body = 'return "Hello $row[\'user_first_name\'] <br>";';

This is a pretty contrived use of eval. You'd be far better off passing in a printf-style format string and using sprintf to substitute values into it, and returning that string for printing. As it stands you seem to be mixing your display logic with your database logic, which is a bad thing.

Improve this answer

1 Comment

the printf/sprintf idea worked just as easily. i think i'm going to use this method because of how much easier (and cleaner) it is. many thanks.
0

Your code, as is, will never work. Removing the mysql portion:

<?php

function senduser($body) {
    $row['user_first_name'] = 'Fred';
    echo eval($body);
}

$body = 'Hello $row[\'user_first_name\'] <br>';
sendUser($body);

Gives me:

PHP Parse error:  syntax error, unexpected T_VARIABLE in /home/marc/z.php(5) : eval()'d code on line 1

Anything you pass in to eval() must be raw PHP code. It can't be plaintext with embedded <?php ?> PHP blocks - it has to be actual PHP code. When you fix up $body to account for this:

$body = 'echo "Hello {$row[\'user_first_name\']} <br>";';

Then you get:

Hello Fred <br>
Improve this answer

Comments

0

I'm not exactly positive what you're trying to do, but I think your problem is in the definition of $body and your use of eval.

$body = 'Hello $row[\'user_first_name\'] <br>';

is not a valid line of php, and eval won't know what to do with it.

See if this fits what you want:

function senduser($body) {
    $query = mysql_query("SELECT * FROM User_tbl");
    while ($row = mysql_fetch_array($query)) {
        eval($body);
    }
}

$body = 'echo "Hello {$row[\'user_first_name\']} <br>";';
sendUser($body);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.