Let’s say I load a value from a database which returns something like:
<?php
//Zend_Controller_Action
public function indexAction()
{
    // Single quotes keep the embedded PHP literal; double quotes would interpolate $user here
    $dbContent = '<p>Hello <?php echo $user?>!</p>';
    $this->view->paragraph = $dbContent;
}
?>
How is it possible that <?php echo $user?> will be rendered?
What precautions need to be taken (safety issues, XSS)?
Thanks so much indeed!
== Edit: ==
Sorry, I obviously phrased my question unclearly. What I actually meant:
I would like to avoid implementing a template engine like smarty.
In my project, there will be content that has PHP code within a string and that needs to be parsed.
Example:
<?php
//Zend_Controller_Action
public function indexAction()
{
    // Single quotes keep the embedded PHP literal; double quotes would interpolate $user here
    $dbContent = '<p>Hello <?php echo $user?>!</p>';
    $this->view->paragraph = $dbContent;
}
?>

<?php
//viewscript.phtml
$user = 'John Doe';
echo $this->paragraph;
?>
is supposed to output:
Hello John Doe!
Is there any safe solution to do this without an external template engine?
Thanks once more… 🙂
I found a solution here, which seems to perfectly fill my needs.
Thanks to all who answered here,
==UPDATE==
Unfortunately, the posted link is dead. However, the solution was pretty simple. As far as I remember, it went through the following steps:
==UPDATE II ==
Found a copy of the page:
archive.org
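
One way to get the output described in the question without eval() or a template engine, as an added example (not the solution from the linked page and not code from the original post): the hypothetical helper renderStoredTemplate() accepts only a bare echo of a whitelisted variable, HTML-escapes its value, and shows any other PHP tag as inert text. It assumes the static markup stored in the database is trusted; the sample input is constructed.

```php
<?php
// Added example: renderStoredTemplate() is a hypothetical helper,
// not part of Zend Framework and not the original poster's solution.

/**
 * Render stored markup whose only dynamic parts are `<?php echo $name ?>`
 * (or `<?= $name ?>`) tags. Nothing in the string is ever executed.
 */
function renderStoredTemplate(string $template, array $vars): string
{
    // Split on <? ... ?> tags; with DELIM_CAPTURE, odd indexes hold the tags.
    $parts = preg_split('/(<\?.*?\?>)/s', $template, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($parts === false) {
        // Fail closed: on a regex error, show the whole string as text.
        return htmlspecialchars($template, ENT_QUOTES, 'UTF-8');
    }

    $allowed = '/^<\?(?:php\s+echo\s+|=\s*)\$([A-Za-z_]\w*)\s*;?\s*\?>$/i';
    $out = '';
    foreach ($parts as $i => $part) {
        if ($i % 2 === 0) {
            // Static markup (assumed trusted); neutralise an unclosed "<?".
            $out .= str_replace('<?', '&lt;?', $part);
            continue;
        }
        if (preg_match($allowed, $part, $m) && array_key_exists($m[1], $vars)) {
            // Escape the value so user-controlled data cannot inject markup (XSS).
            $out .= htmlspecialchars((string) $vars[$m[1]], ENT_QUOTES, 'UTF-8');
        } else {
            // Function calls, unknown variables, etc. become visible text only.
            $out .= htmlspecialchars($part, ENT_QUOTES, 'UTF-8');
        }
    }
    return $out;
}

// Constructed sample: the stored string from the question, plus a tag that
// must not run and a user name that contains markup.
$dbContent = '<p>Hello <?php echo $user?>!</p><?php phpinfo(); ?>';
echo renderStoredTemplate($dbContent, ['user' => 'John <b>Doe</b>']);
```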