mysql/php - 在数据库中存储 html 模板
我想知道将 html 模板存储在数据库中的最佳方法,我可以在数据库中检索它们并插入变量。
显然我可以将它们存储为 php,然后“EVAL”记录......但我听说这是邪恶的。
有更好的办法吗? :)
编辑:
抱歉我不清楚...我试图通过说 html 模板来简化它...我真正的意思是小的可嵌入 html 元素(想想 youtube)...而不是整个网站。
I am wondering the best way to store html templates in a database where I am able to retrieve them and insert variables.
Obviously I could store them as php and then 'EVAL' the record.... but I heard it was evil.
is there a better way? :)
edit:
Sorry I wasn't clear... I tried to simplify it by saying html templates... what I really meant was small embed-able html elements (think youtube)... rather than an entire site.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我还建议不要将 HTML 存储在数据库中。将它们作为模板存储在文件系统上并在需要时包含它们或解析它们要方便得多。我还建议使用 Smarty 之类的东西。这是一个非常方便的工具。
但是,如果您更愿意手动执行此操作,这就是我要做的。
首先,我会将模板存储在文件系统上的文件中。如果您更愿意使用数据库,可以这样做。只需知道数据库在用于此类操作时通常会导致更多开销。
例如,对于 YouTube 视频:
然后我只需
str_replace
其中的 PHP 变量,就像 PHP 本身对字符串所做的那样。就这样了。
您当然可以使用
之类的占位符,只需
包含
模板,但这会让您面临注入攻击的风险。这是比较安全的路线。I would also advice against storing the HTML inside the database. It's much more convenient to store them as templates on the file-system and include them or parse them when needed. I also recommend using something like Smarty. A very handy tool, that is.
However, if you would rather do it manually, here is what I would do.
First, I would store the template in a file on the file-system. If you would rather use a database, that can be done to. Just know that a database will, usually, cause more overhead when used for stuff like this.
For example, in the case of a YouTube video:
Then I would simply
str_replace
the PHP variables in there, much like PHP itself does with strings.And that would be it.
You could of course use
<?php $width; ?>
-like placeholders and justinclude
the template, but that leaves you at risk for injection attacks. This is the safer route.Mark,你需要在数据库中存储模板吗?每次请求这些模板时,这都会给数据库服务器增加沉重的负担,除非您缓存它们。
将此与具有内置缓存以简化文件读取的文件系统进行比较。
另外,您不会遇到使用 eval() 可能产生的潜在安全漏洞。
Mark, do you need to store templates in the database? This will add a heavy burden to your DB server every time those templates are requested, unless you cache them.
Compare this to the filesystem which has built-in caches to streamline file reads.
Plus you won't have the potential security hole that may come from using eval().
无需重新发明轮子,您可以使用模板引擎并将模板本身存储在数据库中。就我个人而言,我喜欢将模板存储在文件系统中,因为它使维护变得更简单,但它是您的项目:)
No need to reinvent the wheel, you can use a templating engine and store the templates themselves in a database. Personally I like to store templates in the file-system because it makes things much simpler to maintain, but its your project :)