dselp3944 2013-07-30 10:07
浏览 106
已采纳

存储在MySQL中的PHP变量无法解析

Good Day,

I have got a problem with my script. What I'm doing is:

I want to send an email to user. There are different templates for different type of mails like one design for SignUp confirmation, one for recent news etc. So, what I did is, I created a table and stored each design in column called content with its complete HTML code.

My database design is pretty simple for this purpose:

ID    |    type    |    content

1     |   signup   |    <html> ... <body> .. content of email ... </body></html>

So, right above is my database. field with ID 1 Now, when someone signs up, I am trying to send him an email whose content is fetched from table above. Text under content field is like:

<html>
.
.
<body>
Good Day,

You have successfully created your account.
Please activate your account now by clicking below:

<a href="activate.php?md5=$md5&code=$code">ACTIVATE</a>

</body>
</html>

In above code, if you checkout the activate link, I have used PHP variables $md5 and $code, thinking that their corresponding values would be printed in actual email. But they are printed as it is, like $md5 and $code.

Well, I did little research and from few forums, I got to know that,

1st: While we added content of HTML template to database along with these PHP variables, they have become a value of that database column itself and would not be treated as PHP variables anymore.

2nd: One person claims that he have made it's working using eval() function. I can use eval since, im not taking any value from user but database, from point of security. I tried it, but still nothing.

Below is code which I tried with eval():

$md5    =   $row['md5'];  // These variables values I'm expecting to come in template content
$code   =   $row['activ_code'];  // These variables values I'm expecting to come in template content

ob_start();
eval("\$template_content = \"$template_content\";");
$message    =   $template_content;
ob_end_clean();

Can someone help me out with this? I don't want to put complete template (HTML) on the same page where I'm using the mail function. It makes code look ugly instead of keeping it short and neat.

Please help!

  • 写回答

4条回答 默认 最新

  • drctyr2869 2013-07-30 10:09
    关注

    Use str_replace http://php.net/manual/en/function.str-replace.php and replace those variables to tags, i.e. something like %MD5%. You could still use $code but it is just no this readable and may result in wrong text being substituded (consider a string "this was $codeveloped")

    mixed str_replace ( mixed $search , mixed $replace , mixed $subject [, int &$count ] ) This function returns a string or an array with all occurrences of search in subject replaced with the given replace value.

    Then,

    $template_content = '<a href="activate.php?md5=%MD5%&code=%CODE%">ACTIVATE</a>';
$template_content = str_replace("%MD5%", $md5, $template_content);
$template_content = str_replace("%CODE%", $code, $template_content);

    str_replace also accepts arrays as arguments, so this may be a better one

    $placeholders = array("%MD5%", "%CODE%");
$values = array($md5, $code);
$template_content = str_replace($placeholders, $values, $template_content);

    Eval is a potentially dangerous and generally an overkill

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 远程桌面文档内容复制粘贴,格式会变化
  • ¥15 关于#java#的问题:找一份能快速看完mooc视频的代码
  • ¥15 这种微信登录授权 谁可以做啊
  • ¥15 请问我该如何添加自己的数据去运行蚁群算法代码
  • ¥20 用HslCommunication 连接欧姆龙 plc有时会连接失败。报异常为“未知错误”
  • ¥15 网络设备配置与管理这个该怎么弄
  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题