write php code to mysql?

Question

Is there any possibility to write php code to mysql and then use it in php, in order to process the output, not just write it?

I would like to use mysql, instead of included file...if it is possible.

Answer 1

eval

Answer 2

For the love of ${DEITY}, no!!!

Answer 3

You can use the eval() function to run a string as PHP code.

Store the string in the database and then get it from a query and run eval.

As everyone here will be saying, this isn't the best practice. There's a good chance that there is a better solution that you just haven't thought of yet. If there isn't, make sure the values in the database are not user editable of there could be some serious problems!

Alternatively, if you want to play it safer, you could define the PHP functions that can be called, and just store the function name. Then use call_user_func() to run the function!

This is much safer since you have explicitly defined the functions available to be run, but less flexible of course.

Answer 4

Sure you can, you may use eval. But beware - eval is evil and if it contains user input a malicious user may take over your server. So, please, be kind, and don't use eval!

Answer 5

As others have answered, yes, that is possible; you can use eval() to run arbitrary PHP code. But it is rarely if ever a good idea to store PHP in the database and eval() it.

Perhaps you could outline what exactly you want to achieve and why you feel storing PHP in the database is a good solution. That way, if anyone feels he has a better solution for your problem, he can suggest it.

Answer 6

Yes you can store the PHP code like any other text and then use eval() to run it.

But: You won't get any warnings/errors if your code is wrong, only on runtime. This makes debugging your code extremely difficult.

So don't do it!
Really, I am serious about this. In the end, you will have a lot more work.

Besides that, without this database thing, your code is also easier to read and understand by others. They don't need to know what code is in the database, they can just look up the file that is included.

Answer 7

Sure it is possible and can be a good speed improvement. I'm using the cms "contenido" (www.contenido.org) where this practice is used for some editable components, (layouts/modules/data types etc.). Finally all code for one article is stored in one field and is performed with one eval call. Contenido is not perfect, nevertheless a good example for this practice.

Missing version control is a disadvantage. But it is not a real problem with a simple way to export and import the code fragments.

Answer 8

As everyone says it's a bad practice to store your code in database and use eval function. My personal reasons are:

• I care about debugging (there are plugins for php that let you debug your php code. PHP debugger is integrated in PhpEd and I believe it is integrated in NetBeans too) and it would be more difficult with eval.

• Performance issues:

The speed of eval Besides security concerns eval also has the problem of being incredibly slow. In my testing on PHP 4.3.10 its 10 times slower then normal code and 28 times slower on PHP 5.1 beta1. (Source: http://blog.joshuaeichorn.com/archives/2005/08/01/using-eval-in-php/)

EDIT: Here are my results from testing script above on my machine (PHP 5.3.0):

Eval: 1000000 times took 8.2261250019073n

Same code not eval: 1000000 times took 0.27089691162109n

Eval in function: 1000000 times took 0.8873131275177n

So "evaled" code is 30.4 times slower than not evaled version of the same code.