I am working with a system, where all PHP code is stored in a database, to allow it to be dynamically altered. Now the code itself works perfectly fine when displayed on the page, but when the same code is called with AJAX, it returns an error 500. I already tried enabling display_errors, no dice, and it all boils down to the eval statement, if it is there I get a 500 error if it's not the script runs fine.
<?php
global $objPDO;
$objSnippet = $_REQUEST["snippetname"];
$objVariables = $_REQUEST["snippetvariables"];
//var_dump($objPDO);
if ($objSnippet == "XHubDiscussion") {
$objPDOStatement = $objPDO->prepare("SELECT snippet FROM modx_site_snippets WHERE name = :name LIMIT 1");
$objPDOStatement->bindParam(":name", $objSnippet, PDO::PARAM_STR);
if ($objPDOStatement->execute()) {
$arrSnippet = $objPDOStatement->fetch(PDO::FETCH_ASSOC);
extract($objVariables);
//var_dump($arrSnippet);
if (FALSE === eval($arrSnippet["snippet"])) {
var_dump("dis also be ronk");
}
} else {
var_dump("Ronk!");
}
}
?>
Yes I have triple checked everything else, if the eval is out commented, it reacts perfectly fine. The code executed:
<?php
require_once($_SERVER["DOCUMENT_ROOT"] . "/assets/snippets/xhub/xhub.snippet.php");
global $arrXHubUserCollection;
$objXHubS = new xHub\security;
$intPageID = $modx->documentIdentifier;
if (isset($intXHubPageID)) {
$intPageID = (int)$intXHubPageID;
}
$arrXHubThread = $objXHubS->DiscussionGetThreads(array($intPageID));
$arrMessageFetch = array((int)$arrXHubThread[0]["id"]);
if (isset($intXHubPosttime)) {
$arrMessageFetch[] = (int)$intXHubPosttime;
}
$arrXHubMessages = $objXHubS->DiscussionGetMessages($arrMessageFetch);
$arrXHubUserGroupRelation = $objXHubS->DashboardMessageControl("UserGetGroupRelationship", array());
$strPageViewer = '<div class="clear XHubPageViewer" style="padding:10px;"></div>';
if (!isset($intXHubPosttime)) {
echo XHubTraverseMessages($arrXHubThread, false);
echo $strPageViewer;
echo '<div id="XHubConversation">';
}
echo XHubTraverseMessages($arrXHubMessages, true);
if (!isset($intXHubPosttime)) {
echo '</div>';
echo $strPageViewer;
if (is_array($arrXHubUserGroupRelation)) {
echo '<div class="EPcomment XHubEditField" style="position:inline;z-index:1000;display:block;border-radius:10px;border:1px solid #C7D7D3;background-color:#DEEBE8;margin:0px;padding:0px;">
<div>
<a onclick="XHubMessageEditor(this.parentNode.parentNode);" href="javascript:;" class="ButtonYellowSmall">Bearbeiten!</a>
</div>
<div>
<textarea style="width:97%;"></textarea>
</div>
</div>';
}
}
function XHubTraverseMessages ($arrMessages, $blnXHubComment) {
global $arrXHubUserCollection, $objXHubS;
$strMessageAssembly = "";
foreach ($arrMessages as $arrMessage) {
$intXHubUserID = (int)$arrMessage["postid"];
if (!isset($arrXHubUserCollection[$intXHubUserID])) {
$arrXHubUser = $objXHubS->DashboardRetrieve(array($intXHubUserID));
$arrXHubUser["username"][0] = $objXHubS->UserGetNameFromID($intXHubUserID);
$arrXHubUser["userid"][0] = $intXHubUserID;
$arrXHubUserCollection[$intXHubUserID] = $arrXHubUser;
}
$strMessageAssembly .= XHubCreateMessageField($arrMessage, $arrXHubUserCollection[$intXHubUserID], $blnXHubComment);
}
return $strMessageAssembly;
}
function XHubCreateMessageField ($arrMessage, $arrUser, $blnXHubComment) {
$strXHubDebatArrow = '<div class="DebatArrow"> </div>';
$strXHubCommentArrow = '<div class="EPcommentArrow"> </div>';
$strXHubThreadBox = '<div class="BoxGreen width500 right Debatbox MessageField">';
$strXHubCommentBox = '<div class="EPcomment BoxGray MessageField"><p class="lefttop">Antwort</p>';
$strXHubMessageContainer = '<div class="clear' . ($blnXHubComment ? " XHubMessages" : " XHubInitThread") . '" id="' . $arrMessage["id"] . ($blnXHubComment ? "" : "D") . '">';
$strXHubMessage = ($blnXHubComment ? $strXHubCommentBox : $strXHubThreadBox) .
'<div class="XHubPostTime" style="display:none">' . $arrMessage["posttime"] . '</div>' .
'<p class="righttop">' . date("d-m-Y", $arrMessage["posttime"]) . ' um ' . date("H:i", $arrMessage["posttime"]) . ' Uhr</p>' .
'<p class="message">' . $arrMessage["message"] . '</p>'
. ($blnXHubComment ? $strXHubCommentArrow : $strXHubDebatArrow ) .
'</div>';
$strXHubUser = '
<div class="epUser">
<p class="username"><a href="expertenpanel/benutzer/' . $arrUser["username"][0] . '" target="_blank">' . $arrUser["username"][0] . '</a></p>
<img class="profilbild" src="' . $arrUser["imglink"][0] . '" />
[[getExpertenInfo? &userID=`' . $arrUser["userid"][0] . '` &type=`logo`]]
<p class="userinfo">
<span class="status">[[getExpertenInfo? &userID=`' . $arrUser["userid"][0] . '` &type=`status`]]</span>
[[getExpertenInfo? &userID=`' . $arrUser["userid"][0] . '` &type=`showPunkte`]]
</p>
</div>
';
$strXHubMessageContainer .= ($blnXHubComment ? $strXHubMessage . $strXHubUser : $strXHubUser . $strXHubMessage);
$strXHubMessageContainer .= '</div>';
return $strXHubMessageContainer;
}
?>