当前位置: 文江博客 话题详情

PHP 让我远离 eval ;) 字符串内的变量

发布于 2024-11-04 22:49:55 字数 746 浏览 1 评论 0 原文

由于我现在不想进入的原因,我有一个像这样的字符串:

<div>$title</div>

使用 mysql_real_escape_string 存储在数据库中。

在正常脚本执行期间,该字符串被解析并存储在变量 $string 中,然后发送到 function($string)

在这个函数中,我试图:

function test($string){
  $title = 'please print';
  echo $string;
}
//I want the outcome to be <div>please print</div>

这似乎是最愚蠢的事情,但就我的一生而言,我无法让它“解释”变量。

我也尝试过,

echo html_entity_decode($string);
echo bin2hex(html_entity_decode($string)); //Just to see what php was actually seeing I thought maybe the $ had a slash on it or something.

当我的思绪不断转向使用 EVAL() 时,我决定在这里发帖。

当然,这只是伪代码。解决这个问题的最佳方法是什么?

原文

For reasons I'd rather not get into right now, I have a string like so:

<div>$title</div>

that gets stored in a database using mysql_real_escape_string.

During normal script execution, that string gets parsed and stored in a variable $string and then gets sent to a function($string).

In this function, I am trying to:

function test($string){
  $title = 'please print';
  echo $string;
}
//I want the outcome to be <div>please print</div>

This seems like the silliest thing, but for the life of me, I cannot get it to "interpret" the variables.

I've also tried,

echo html_entity_decode($string);
echo bin2hex(html_entity_decode($string)); //Just to see what php was actually seeing I thought maybe the $ had a slash on it or something.

I decided to post on here when my mind kept drifting to using EVAL().

This is just pseudocode, of course. What is the best way to approach this?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

是你 2024-11-11 22:50:03

你的例子有点抽象。但看起来你可以做模板引擎对这些情况做的事情:

function test($string){
   $title = 'please print';

   $vars = get_defined_vars();
   $string = preg_replace('/[$](\w{3,20})/e', '$vars["$1"]', $string);

   echo $string;
}

现在实际上,/e与使用eval几乎相同。但至少这只能替换实际的变量名称。还可以做得更复杂一点。

Your example is a bit abstract. But it seems like you could do pretty much what the template engines do for these case:

function test($string){
   $title = 'please print';

   $vars = get_defined_vars();
   $string = preg_replace('/[$](\w{3,20})/e', '$vars["$1"]', $string);

   echo $string;
}

Now actually, /e is pretty much the same as using eval. But at least this only replaces actual variable names. Could be made a bit more sophisticated still.

回复 原文
汹涌人海 2024-11-11 22:50:03

我认为没有办法让它发挥作用。您正在尝试这样的事情:

$var = "cute text";
echo 'this is $var';

单引号阻止解释器在字符串中查找变量。当您回显字符串变量时,情况也是如此。

解决方案是一个简单的 str_replace

echo str_replace('$title', $title, $string);

但在这种情况下,我真的建议在文本中使用唯一的模板变量。

I don't think there is a way to get that to work. You are trying something like this:

$var = "cute text";
echo 'this is $var';

The single quotes are preventing the interpreter from looking for variables in the string. And it is the same, when you echo a string variable.

The solution will be a simple str_replace.

echo str_replace('$title', $title, $string);

But in this case I really suggest Template variables that are unique in your text.

回复 原文
梨涡少年 2024-11-11 22:50:03

你只是不这样做,变量是一个有生命的东西,像这样将它存储在数据库中的字符串中是违反其本质的。

如果您想用变量的内容替换字符串的某些部分,请使用sprintf()

示例

$stringFromTheDb = '<div>%s is not %s</div>';

然后将其与:一起使用

$finalString = sprintf($stringFromTheDb, 'this', 'that');

echo $finalString;

将导致:

<div>this is not that</div>

You just don't do that, a variable is a living thing, it's against its nature to store it like that, flat and dead in a string in the database.

If you want to replace some parts of a string with the content of a variable, use sprintf().

Example

$stringFromTheDb = '<div>%s is not %s</div>';

Then use it with:

$finalString = sprintf($stringFromTheDb, 'this', 'that');

echo $finalString;

will result in:

<div>this is not that</div>
回复 原文
旧故 2024-11-11 22:50:03

如果您知道div内的变量是$title,则可以str_replace它。

function test($string){
  $title = 'please print';
  echo str_replace('$title', $title, $string);
}

如果您不知道字符串中的变量,可以使用正则表达式来获取它们(我使用了 PHP 手册)。

function test($string){
  $title = 'please print';
  $vars = '/(?<=\$)[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*/';
  preg_match_all($vars, $string, $replace);
  foreach($replace[0] as $r){
    $string = str_replace('
.$r, $r, $string);
  }
  echo $string;
}

If you know that the variable inside the div is $title, you can str_replace it.

function test($string){
  $title = 'please print';
  echo str_replace('$title', $title, $string);
}

If you don't know the variables in the string, you can use a regex to get them (I used the regex from the PHP manual).

function test($string){
  $title = 'please print';
  $vars = '/(?<=\$)[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*/';
  preg_match_all($vars, $string, $replace);
  foreach($replace[0] as $r){
    $string = str_replace('
.$r, $r, $string);
  }
  echo $string;
}
回复 原文
~没有更多了~

关于作者

梦中楼上月下

暂无简介

0 文章
0 评论
612 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

烙印

文章 0 评论 0

singlesman

文章 0 评论 0

给自己一个微笑

文章 0 评论 0

独孤求败

文章 0 评论 0

晨钟暮鼓

文章 0 评论 0

我是自愿种绣球花的

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文