PHP code within PHP echo

Question

Monster Killer 0 Junior Poster in Training

14 Years Ago

I am making my own CMS website and the body content is echoed onto the page however some of the page content is php code but the actual code is echoed out. How can i make it so that it works properly.

Code:

<div id="form"> </div> 
<h1>Form</h1> <br />

<?php
require_once "formvalidator.php";
$show_form=true;
if(isset($_POST['Submit']))
{
    $validator = new FormValidator();
    $validator->addValidation("Name","req","Please fill in Name");
    $validator->addValidation("Email","email","The input for Email should be a valid email value");
    $validator->addValidation("Email","req","Please fill in Email");
    if($validator->ValidateForm())
    {

	$emailsubject = $_POST['category'];
	$webmaster = 'email';
	
	$namefield = $_POST['Name'];
	$emailfield = $_POST['Email'];
	$categoryfield = $_POST['category'];
	$subjectfield = $_POST['subject'];
	$messagefield = $_POST['message'];
	$priorityfield = $_POST['priority'];
	$IPADDR = $_SERVER['REMOTE_ADDR'];
	$date = date("H:i:s D d M Y");
	$from = "OnlineSupport";
	
	
	$body = <<<EOD
$date
Name: $namefield
Email: $emailfield
Category: $categoryfield
Subject: $subjectfield
Message: $messagefield
Proproty: $priorityfield
$IPADDR
EOD;

	$headers = "From: $from\r\n";
	$headers .= "Content-tpye: text/html\r\n";
	$success = mail($webmaster, $emailsubject, $body, $headers);
	
        echo "<h2>Form Submited! <br /> Thank You for contacting support. We will get back to you as soon as we can.</h2>";
        $show_form=false;
    }
    else
    {
        echo "<B>Errors:</B>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form method='post' action="/contact/index.php" accept-charset='UTF-8'>
Your name: <span class="red">*</span><br />
<input type="text" name="Name" size="30" maxlength="30" value="<?php echo $_POST['Name'];?>" />
<br /> 
Email address: <span class="red">*</span><br />
<input type="text" name="Email" size="30" maxlength="30" value="<?php echo $_POST['Email'];?>" />
<br /> 
Category: <br />
<select id="category" name="category">
<option value=" Select" selected="<?php echo $_POST['category'];?>"><?php echo $_POST['category'];?></option>
<option value=" Beta Testing">Beta Testing</option>
<option value=" Donating">Donating</option>
<option value=" Enquiry">Enquiry</option>
<option value=" Garrys Mod">Garrys Mod</option>
<option value=" Maps">Maps</option>
<option value=" Media">Media</option>
<option value=" Programs">Programs</option>
<option value=" Request">Request</option>
<option value=" Reviews">Reviews</option>
<option value=" Support">Support</option>
<option value=" Tutorials">Tutorials</option>
<option value=" Web Error">Website Error</option>
<option value=" Other">Other</option>
</select>
<br /> 
Subject: <br />
<input type="text" name="subject" size="30" maxlength="50" value="<?php echo $_POST['subject'];?>" />
<br />
Message:<br />
<textarea rows="8" cols="80" name="message"><?php echo $_POST['message'];?></textarea>
<br />
Priority: <br />
<select id="priority" name="priority">
<option value=" High">High</option>
<option value=" Medium">Medium</option>
<option value=" Low" selected="selected">Low</option>
</select>
<br /> <br />
<span class="red">Required *</span> <br /> <br />
<p><input type="submit" name="Submit" class="formbutton" value="Send" /></p>
</form> 
<?PHP
}//true == $show_form
?>
<br />
<br />
	<h1>Live Support</h1> <br /> 
		Coming Soon! <br /> <br />	
<br />
<br />

Can someone help please?
Thank's

php

4 Contributors
16 Replies
204 Views
2 Days Discussion Span
Latest Post 14 Years Ago Latest Post by jonathanroy

diafol

14 Years Ago

What bit is causing the problem? BTW - you look as if you're sending the form data to the same page - not recommended. Page refresh/reload can cause this data to be sent again (usually after confirmation popup) if sent to same page.

diafol

14 Years Ago

Sorry for asking - just to clarify:

have you installed php (ie. does phpinfo(); give you any info)?

have you given this page the .php extension? This is important even if it's an include file.

If all above correct, will get back to you.

diafol

14 Years Ago

Hmm, very odd - works for me when I added echo $body at the end of the file.

OS_dev 0 Junior Poster

14 Years Ago

Yeah i am going to update that soon. But all the code above is being echoed out onto the page from a MySQL database. All the php code in there is being echoed out as text, so basically as it looks above.

Let me see if I understand you right. In other words you are saying that you are actually pulling the php code from the database?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Monster Killer 0 Junior Poster in Training · Answer 1 · 2010-03-16T04:09:43+00:00

What bit is causing the problem? BTW - you look as if you're sending the form data to the same page - not recommended. Page refresh/reload can cause this data to be sent again (usually after confirmation popup) if sent to same page.

Yeah i am going to update that soon. But all the code above is being echoed out onto the page from a MySQL database. All the php code in there is being echoed out as text, so basically as it looks above.

Monster Killer 0 Junior Poster in Training · Answer 2 · 2010-03-16T05:19:25+00:00

Sorry for asking - just to clarify:
have you installed php (ie. does phpinfo(); give you any info)?
have you given this page the .php extension? This is important even if it's an include file.
If all above correct, will get back to you.

Thank you for your reply. Yes I have php installed and yes it has the php extension.

Monster Killer 0 Junior Poster in Training · Answer 3 · 2010-03-16T13:40:52+00:00

and so you know, the code on the index page that echo's this out is

<?php echo $body; ?>

which is within the HTML of the index page.

Monster Killer 0 Junior Poster in Training · Answer 4 · 2010-03-17T13:18:53+00:00

Let me see if I understand you right. In other words you are saying that you are actually pulling the php code from the database?

Yes. So, all the code at the top is stored on a MySQL data base and is being echoed out onto a page but it's all echoed as text so you see all the php code as text.

diafol · Answer 5 · 2010-03-17T15:52:04+00:00

Oh - you need to 'eval' the code. THIS IS NOT suggested. Very dangerous.

Monster Killer 0 Junior Poster in Training · Answer 6 · 2010-03-17T21:43:33+00:00

Oh - you need to 'eval' the code. THIS IS NOT suggested. Very dangerous.

Is that the only way of doing this and if so how do you do it?

diafol · Answer 7 · 2010-03-17T22:37:16+00:00

I don't understand why you'd want to store executable code in a DB. Would an include file be a better solution? You can actually edit a file via file_get_contents() - into a textarea / online text editor and then save changes to the file. This can then function as a normal include file. Placing raw php in a DB would make me uncomfortable.

OS_dev 0 Junior Poster · Answer 8 · 2010-03-18T01:03:12+00:00

Is that the only way of doing this and if so how do you do it?

I also wouldn't even think of doing this for any reason. I don't know why you are trying but I can't think of any valid reason for doing such a thing.

That said, I think it is possible but it would take an advanced user to do so. The only way that I can think of doing this is to pull the php code from the database and then run it as a command like exec(insert php code here) or `insert php code here`. Which would then run the code against the server via command line and report back the output which you would then have to echo to the browser. This is, I assume what is going on in the back end anyway, but judging from what I see here I would say that this is not an option and you should save the contents of the database to a file and run the file.

Monster Killer 0 Junior Poster in Training · Answer 9 · 2010-03-18T01:55:14+00:00

Ok, instead i decided to create a seperate page and just put the code on there instead. I was trying to echo it out as the pages body since its a contact form but instead i have just created it's own page.

Thank's for everyone who helped though.

diafol · Answer 10 · 2010-03-18T04:36:50+00:00

Are we solved?

Monster Killer 0 Junior Poster in Training · Answer 11 · 2010-03-18T05:24:41+00:00

Are we solved?

More of a work around but at least it works. So yeah basic it's solved.

jonathanroy 0 Newbie Poster · Answer 12 · 2010-03-18T10:26:35+00:00

Yes you can do

<?php
   eval($Variable_Holding_PHP_code);
?>

But make sure you do this safely.