Hi this is scorpionz:

I need to know how to insert PHP block in database using PHP, because i am generating random tables.
So i need that to insert:

Here is the query:

<?php

$sql_insert_revisions	=	'INSERT INTO node_revisions(nid,vid,uid,title,body,teaser,TIMESTAMP,FORMAT)
VALUES
('.$nid_ins.','.$vid_ins.','.$user_id.','.$ad_title_view.',
'"<?php  $block = module_invoke('block', 'block', 'VIEW', 66);  print $block['content'];?>"',
'"<?php  $block = module_invoke('block', 'block', 'VIEW', 66);  print $block['content']; ?>"',1248762134,3)';

?>

Any response will be highly aprreciated:

Regards
scorpionz

Recommended Answers

All 2 Replies

Hi this is scorpionz:

I need to know how to insert PHP block in database using PHP, because i am generating random tables.
So i need that to insert:

Here is the query:

<?php

$sql_insert_revisions	=	'INSERT INTO node_revisions(nid,vid,uid,title,body,teaser,TIMESTAMP,FORMAT)
VALUES
('.$nid_ins.','.$vid_ins.','.$user_id.','.$ad_title_view.',
'"<?php  $block = module_invoke('block', 'block', 'VIEW', 66);  print $block['content'];?>"',
'"<?php  $block = module_invoke('block', 'block', 'VIEW', 66);  print $block['content']; ?>"',1248762134,3)';

?>

Any response will be highly aprreciated:

Regards
scorpionz

Save the PHP you want to insert in a variable. That way you can automatically escape it using mysql_real_escape_string() or similar.

Eg:

$content = "<?php  $block = module_invoke('block', 'block', 'VIEW', 66);  print $block['content'];?>";

$content = mysql_real_escape_string($content, $db_resource);

Note: Why are you saving PHP to the database? Usually you should save it to a file instead. That way you don't have to use eval() on it later, just an include() on the file.

If you save in DB, make sure you don't have any SQL injections. Otherwise you've create a remote code execution vulnerability.

Thanks...

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.