0

I'm not even sure if this is possible, but essentially I want to have a function stored within my MySQL database, so here I have my database

Database->pages:
[id] [name ] [content ] [enabled] [main] [parent]
[6 ] [login] [login();] [1      ] [0   ] [5     ]

Now I'll have the set returned

public function viewPage() {
        global $db;
        $query = <<<SQL
        SELECT content
        FROM pages
        WHERE id = :getid
SQL;
       $resource = $db->sitedb->prepare( $query );
       $resource->execute( array (
       ':getid'    =>   $_GET['id'],
       ));
       foreach($resource as $row){
               echo $row['content'];
       }
}

Last but not least I have my viewPage.php page that has

$static->viewPage();

So when I go to viewPage.php?id=6 I want it to pull the data and since content is login(); I want it to call the login(); function which would be translated into an include file. Is this even possible?

Improve this question
5
  • you can look at the eval function php.net/manual/en/function.eval.php Commented May 7, 2015 at 19:30
  • You should not be doing that, really. Commented Jul 8, 2015 at 21:53
  • @NikolaPetkanski, While I appreciate constructive criticism what you gave there is simply a statement. If you put forth the effort to say you shouldn't do it then you should also feel free to give your reasoning behind it. Otherwise to me it seems to me the same as "Dogs are better than cats" It's at this point only a statement with no facts behind it, simply an opinionated statement. I'm not trying to be rude it just doesn't make sense to me to say anything at all. Commented Jul 9, 2015 at 0:57
  • There's a saying among developers. It goes like "eval() is the root of all evil.". If you are to be saving a php code in mysql and you are to be executing it later on, I really doubt this is by design. More likely there's a problem with the software architecture and the feature you are working on has not been engineered properly. If you are unaware of what I am saying after this comment, there's really nothing I can do to make it more clear. Gaining experience you may be able to grasp it in a few years. I don't mean to be rude. English is not my native language and people often complain. :) Commented Jul 10, 2015 at 14:30
  • No not rude. Makes sense, the way I work the code is so that a shorthand code can be thrown into the database then pulled if there's a function that matches. That gives me more to go on then it shouldn't be done at all. I've never cared when people simply post a one sentence statement and feel that they've contributed whereas there you've clarified what you meant to where I can look into why you think it's a bad idea. I don't mind doing the research on it. Commented Jul 10, 2015 at 17:14

1 Answer 1

Reset to default
5

You can use variable functions to achieve this effect. We would need to verify that the function is_callable beforehand.

Let's say we get a row back with the field name set to login. You can do this:

if( is_callable($row['name']) )
    $row['name']();

This will call the function login. You can also pass parameters if you want, as you would any other function.

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Awesome Answer! Exactly what I needed. Works exactly like what I had in mind. public function viewPage() { global $db; $query = <<<SQL SELECT content FROM pages WHERE id = :getid SQL; $resource = $db->sitedb->prepare( $query ); $resource->execute( array ( ':getid' => $_GET['id'], )); foreach($resource as $row){ if( is_callable($row['content'] )) $row['content'](); else echo $row['content']; } } makes it so that it now can either call the content or the function.
It would probably be a good idea to create a whitelist of functions instead of dropping the name directly in the DB. Otherwise if your DB is compromised all kinds of interesting things could happen. Better yet would be to use an event system as it solves that problem and also probably offers added utility to your application as a whole.
I do strongly agree with @prodigitalson. That is the next step to take. Heed their words. ;)
I'll have to do more reading on that later on down the road. My original thought was I wanted to do a shortcode system. IE [login] and [login] would be used to call an actual function and I still want to eventually go that route, but at this time I'm not quite there.
It wouldn't be too bad, actually! You can have an array of whitelisted functions and then check if the field from the row is in that array. If so then it is callable and you can skip the is_callable check entirely, so it would still be two small lines of code. :)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.