On Thu, 8 Jul 2004 16:05:53 +0100, Phil Mellor [EMAIL PROTECTED] wrote:
Hello world!
Please help! I have a CMS built which I have a problem with and I don't know
if it's a coding error or a bug, but any suggestions would be welcome!
My CMS pulls information from MySQL database with slashes. On one particular
content module I have a problem! I'm trying to 'require' a module stored on
disk, sometimes it works and othertimes it produces the following error:
Parse error: parse error, expecting `','' or `';'' in
/home/sites/site8/web/cmp/generatePage.php(565) : eval()'d code on line 45
If I echo the statement which is supposed to be eval'ed and compare it to
when it works, the only difference is that the working one includes slashes
(this makes sense as I'm stripping slashes from the DB result to make it
work!).
Anyone got any idea how I work around this issue? I can't add or
stripslashes from the file on disk, because then it fails because of the
same intermittant error!
If it's failing on code from the DB, it has nothing to do with slashes
in the included file.
1) You really shouldn't be storing code in the DB, it's much better to
use files.
2) eval-ing code should be a last-ditch effort. Using eval() can lead
to huge security vulnerabilities.
If you still want to use it, look at how you're entering the code into
the DB. Likely it has extra slashes. This in turn is probably the
fault of magic_quotes_gpc. If you have slashes before quotes in the
DB, your problem is that you're adding too many slashes. Either you're
calling addslashes twice or magic_quotes is adding slashes, and then
you're adding slashes again. Check to see if magic_quotes_gpc is on
(phpinfo() or your php.ini). Please see the archives of this list for
more discussion.
--
DB_DataObject_FormBuilder - The database at your fingertips
http://pear.php.net/package/DB_DataObject_FormBuilder
paperCrane --Justin Patrin--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
