0

I have a mysql database with multiple questions. Some questions contain php variables. When I try to echo the mysql data the variables don't work.

I'f tried eval, but most people say it is not safe and it doesn't work for me.

Database.php

$sql = "SELECT * FROM vragen ORDER BY RAND()";
$result = $conn->query($sql);
$row = $result->fetch_assoc();
$vragen = print_r($row[vraag],true);

mysql data

$player1[$rnd1]." take 2 drinks"

game.php

require "database.php";
    echo $vragen;  // string with hardcoded variables

I expect to get the variables working in php.

Improve this question
2
  • 1
    You shouldn't be storing these questions with the variables in them Commented Aug 22, 2019 at 14:56
  • 2
    In short, no. Longer answer is that you're essentially trying to build a templating engine. Take a look here: ourcodeworld.com/articles/read/847/… Commented Aug 22, 2019 at 14:56

2 Answers 2

Reset to default
0

Yes, it is possible using the eval keyword. For example (using the variables in your example):

# This would interpret everything stored in this variable as PHP code.
eval($vragen);

Keep in mind that the eval keyword does not return a value, so if your goal is to echo the output you don't need echo when using eval. For example:

eval($vragen);

will output the contents of $vragen directly into the output stream (browser), but

$return_value = eval($vragen);

will only check if eval was able to run or not. Any return; or return false will end the eval code.

Finally, it may be worth noting that in terms of accessing variables from the PHP script that eval is run in, per the PHP manual:

The code will be executed in the scope of the code calling eval(). Thus any variables defined or changed in the eval() call will remain visible after it terminates.

You can find other examples about the eval keyword used in the context of PHP stored in MySQL here.

However, as correctly pointed out by the above commenters, this is highly discouraged for many reasons outside of the scope of your question (is it possible). However, there is an interesting discussion on why you shouldn't do this here, if you're interested.

For more information on the eval keyword the PHP manual page is here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You can write custom native functions in MySQL by compiling C code into the server and you can call external processes in C programs so I guess the answer is yes. That answers your question but doesn't solve your problem.

You're using PHP to retrieve those strings anyway. You can simply manipulate them after fetching them:

$input = '{player1} buys 2 drinks for {player2}.';
$variables = [
    '{player1}' => 'Jim',
    '{player2}' => 'Joe',
];
$output = strtr($input, $variables);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.