hi, I have some heredoc on this way:
$foo = <<<bar
<form action="index.p hp" method="POST" name="user">
............... ............... ............... ............... ............... ..
HTML code here........... ............... ............... .....
............... ............... ............... ............... ..........
$lang = mysql_query("SE LECT * FROM lang where selected != '*'");
............... ............... ............... ............... ........
more PHP consults to mysql here
............... ............... ............... ..........
bar;
The question is how to escape the php code for display into HTML, what
I have done
is comment it with <!-- and --this works, but if I see the page
source code I can see
all the php code commented here, and obviously is insecure for the
system, anyone know what
to do?
thanks
2  1386 
*** someusernameher e escribió/wrote (Fri, 1 Aug 2008 09:03:15 -0700 (PDT)):
$foo = <<<bar
<form action="index.p hp" method="POST" name="user">
............... ............... ............... ............... ............... .
HTML code here........... ............... ............... .....
............... ............... ............... ............... .........
$lang = mysql_query("SE LECT * FROM lang where selected != '*'");
............... ............... ............... ............... .......
more PHP consults to mysql here
............... ............... ............... .........
bar;
The question is how to escape the php code for display into HTML, what I
have done is comment it with <!-- and --this works, but if I see the
page source code I can see all the php code commented here, and
obviously is insecure for the system, anyone know what to do?
Heredoc syntax is similar to double quotes: you get variables replaced with
their values, but that's all. You can't put PHP code inside.
--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://bits.demogracia.com
-- Mi web de humor en cubitos: http://www.demogracia.com
--
Álvaro G. Vicario wrote:
*** someusernameher e escribió/wrote (Fri, 1 Aug 2008 09:03:15 -0700 (PDT)):
>$foo = <<<bar
<form action="index.p hp" method="POST" name="user">
.............. ............... ............... ............... ............... ..
HTML code here........... ............... ............... .....
.............. ............... ............... ............... ..........
$lang = mysql_query("SE LECT * FROM lang where selected != '*'");
.............. ............... ............... ............... ........
more PHP consults to mysql here
.............. ............... ............... ..........
bar;
>The question is how to escape the php code for display into HTML, what I
have done is comment it with <!-- and --this works, but if I see the
page source code I can see all the php code commented here, and
obviously is insecure for the system, anyone know what to do?
Heredoc syntax is similar to double quotes: you get variables replaced with
their values, but that's all. You can't put PHP code inside.
Is there a way to do this:
function getSomething(){
return 'something';
}
$content = <<<MY_BLOCK
Insert the return for a function like: getSomething()
....
MY_BLOCK;
That's doable in perl with a trick and I suspect there is a way to do it
in php.
As for the ops question, I have no idea why you'd want to insert code
in the heredoc as you can assemble heredocs just like any variable.
$content .= <<MY_BLOCK
....
MY_BLOCK;
some code...
$content .= <<MY_BLOCK
....
MY_BLOCK;
Jeff
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Zapp |
last post by:
Hi
Can anyone tell me why my form script fails at this line
<form action="$_SERVER" method="POST">
when running on my ISP which is using PHP version 4.3.2,
Configure Command './configure' '--prefix=/usr/local'
'--with-apache=/home/shells/chriss/Apachetoolbox-1.5.66/apache_1.3.27'
'--enable-exif' '--enable-track-vars' '--with-calendar=shared'
'--enable-magic-quotes' '--enable-trans-sid' '--enable-wddx' '--enable-ftp'...
|
by: bigoxygen |
last post by:
Is it possible to invoke a function from inside heredoc?
Thanks
|
by: flupke |
last post by:
Hi,
i have php script where i use a heredoc type of variabele
to print out some html. In the heredoc, i use the values of
several other vars.
php snippet:
$div=<<<END_DIV
<DIV class="linkblock">
|
by: Jeff Thies |
last post by:
I need to remove non digits from a number.
I thought I could do this:
var phone='22-p67s82';
var re=/\D/g;
phone=phone.replace(re,'');
alert(phone) yields: 22-p67s82
|
by: bill |
last post by:
Thanks to those that taught me to use heredoc to embed html in
php. I don't want to start the html in php vs php in html
discussion again.,
heredoc works a treat for that which I am doing except:
In the generated html I have a number of checkboxes. I fill
in the checkboxes from a boolean value in a mySQL table. To make
this easier I use a function that takes the boolean and return
either 'checked' or ''. This worked well when I was...
| | |
by: Matt F |
last post by:
I can't seem to get heredoc to populate correctly with variables through
a form.
<textarea name="Template" rows="10" cols="80">Template Here</textarea>
Contents could be something like: I want to replace $myarray and
another variable $myarray
I call heredoc this way:
|
by: Jeff |
last post by:
I have this:
$content = <<<TD
$D
TD;
that fails silently and stops php even though errors are turned on
|
by: Adam Cantrell |
last post by:
How could I count the number of newlines in a heredoc variable? This
outputs 0, but I thought heredoc preserved newlines?
<?
$test = <<<END
<a href="test5.php">adam</a>
<p>
Hi There
</p>
END;
|
by: ziycon |
last post by:
I have a site that has been using the HEREDOC syntax for awhile, after a recent upgrade to the site a lot of pages are erroring with the below error, i can't figure it out at ll, any ideas?
All the pages are giving the same error on different lines but it seems to be related to the HEREDOC syntx?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
