little PHP help

They have: 47 posts

Joined: Jun 2001

Hi all,
I need to combine two words to form a variable and echo it's value (defined by a constant) How can I do this in PHP? Heres the scenario:

<?
// I have a defined a constant

define("ECOSETUP", 10);

// I have a post value from a form which contains a value

$name=ECO

// I do something like this to combine the two

echo $name.'SETUP';

/*this gives me ECOSETUP as the output. What do I need to do to get 10 as my output using one line of code? I need to use the two words because I want to define differnt aspects of the same item ie SETUP, DEV,MONTHLY etc ie we will have ECOSETUP, ECODEV, ECOMONTHLY etc */
?>

Any ideas? I am sure it is pretty simple.
Thanks

?>

Renegade's picture

He has: 3,022 posts

Joined: Oct 2002

Not too sure if this will work but, have your tried:

<?php
define
(\"ECOSETUP\", 10);
$name=ECO
echo
$name . SETUP;
?>

The single quotes are parsed as litteral or something like that so putting the constant in single quotes will actually pass what's in the quotes rather than the constant itself.

Just a guess...

dk01's picture

He has: 516 posts

Joined: Mar 2002

http://php.benscom.com/manual/en/language.variables.variable.php#12841

Unfortunately its not possible and is the nature of constants. Add your variable to the $_GLOBALS array instead if you wish to be able to do this.

-Jim

Greg K's picture

He has: 2,145 posts

Joined: Nov 2003

<?php
    define
(\"ECOSETUP\",10);
define(\"TMPSETUP\",20);
     
$name1 = \"ECO\";
$name2 = \"TMP\";
     
eval(\"\$val1 = \" .
$name1 . \"SETUP;\");
$val2 = constant($name2 . \"SETUP\");
     
echo \"val1 =
$val1 \n\";
echo \"val2 =
$val2 \n\";
?>

Either one of those seems to work, the second method seems to use a function designed for this. I found the second method in the link that dk01 provided.

-Greg

PS. Don't forget to make sure you have checking in place to make sure it is only calling defined constants.

dk01's picture

He has: 516 posts

Joined: Mar 2002

Greg K wrote:

<?php
    define
(\"ECOSETUP\",10);
define(\"TMPSETUP\",20);
     
$name1 = \"ECO\";
$name2 = \"TMP\";
     
eval(\"\$val1 = \" .
$name1 . \"SETUP;\");
$val2 = constant($name2 . \"SETUP\");
     
echo \"val1 =
$val1 \n\";
echo \"val2 =
$val2 \n\";
?>

Either one of those seems to work, the second method seems to use a function designed for this. I found the second method in the link that dk01 provided.

-Greg

PS. Don't forget to make sure you have checking in place to make sure it is only calling defined constants.

Nice find!

dk01's picture

He has: 516 posts

Joined: Mar 2002

BTW the second is faster because it avoids using eval. Eval is notoriously bad for your code's speed. Especially if you intend on doing it many times. Instead use the constant() method.

They have: 47 posts

Joined: Jun 2001

Thanks all...very helpful. I have actually completed the code today...thanks to you. HAPPY NEW YEAR !! Cheers!

dk01's picture

He has: 516 posts

Joined: Mar 2002

*happy new years to you too!*

JeevesBond's picture

He has: 3,956 posts

Joined: Jun 2002

dk01 wrote: Eval is notoriously bad for your code's speed. Especially if you intend on doing it many times. Instead use the constant() method.

I know this is off-topic, but vBulletin (the forum software we use) uses eval all the time, does constant() perform the same functionality (parse code in a variable)?

Could you substantiate that dk01? Do you know of someone who's tested the function, maybe you could provide links? Thanks.

a Padded Cell our articles site!

dk01's picture

He has: 516 posts

Joined: Mar 2002

I stand corrected. eval() in php is not inefficient but it is a security risk. There is debate over whether it should be used at all but most programmers agree that unless you are drawing the data from a database or trusted source then you should not use it. The reason is that it can execute arbitrary code. So for example if you have register globals on then this could be dangerous. So.. for some references. You mentioned vBulletin? Here is an exploit for that project caused by the fact that it uses eval:
http://www.osvdb.org/14047

Another few articles on the subject: http://www.sitepoint.com/blogs/2005/02/27/eval-is-dead-long-live-eval/
http://www.phpwact.org/security/functions/eval_functions?DokuWiki=064b51a8941c7b29c4e07fd16ce1...

I found this interesting because I know in javascript eval will actually make your code slower. (Try having several large eval's running in js, its notably slower)

JeevesBond's picture

He has: 3,956 posts

Joined: Jun 2002

Ah, thanks for that dk01!

Luckily most of the eval stuff in vB is pulled from a database, but in that exploit it seems that a get variable is being eval'd ... Very dangerous, they're a bit silly to allow that to happen!

Haven't had to use eval in JavaScript yet, will make a note to avoid it like the plague. Smiling

a Padded Cell our articles site!

They have: 5 posts

Joined: Jul 2011

BTW the additional is faster because it avoids application eval. Eval is awfully bad for your code's speed. Especially if you intend on accomplishing it abounding times. Instead use the constant() method.

They have: 1 posts

Joined: Jan 2012

Is whether it should use, but most programmers agree that, unless you are drawing data from a database or a trusted source, then you should not use it for debate.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.