HTML邮件中的PHP代码
[英]PHP code in HTML mail
问题描述
I am working on an application that is used for managing the groups of recipients and multiple contents to send 
我正在开发一个应用程序,用于管理收件人组和要发送的多个内容
I want to use different html design so i saved it in a table with some PHP code in it. 我想使用不同的html设计,所以我将其保存在带有一些PHP代码的表中。
But problem is this, I m not getting the PHP code executed when send mail using these HTML contents. 但是问题是,使用这些HTML内容发送邮件时,我没有执行PHP代码。
I m using PHPMailer for sending mails and saved HTML contents using addslashes and getting back with stripslashes. 我正在使用PHPMailer发送邮件并使用addslashes保存HTML内容并使用stripslashes返回。
Thanks. 谢谢。
1 个解决方案
解决方案1
3 已采纳 2011-10-29 08:48:32
Saved HTML contents using addslashes and getting back with stripslashes.
That's bad. 那很糟。 I don't know why you did, but if your intention was to escape queries, use mysql_real_escape_string() , or an analgoue function for your DB driver (or use parametrized queries). 我不知道你为什么这么做,但如果你的意图是逃避查询,请使用mysql_real_escape_string()或数字驱动程序的analgoue函数(或使用参数化查询)。
If your intention was to, I don't know, sanitize html? 如果您的意图是,我不知道要对HTML进行清理? well, that's useless. 好吧,那没用。 So no need to add slashes here for any reason. 因此无需出于任何原因在此处添加斜杠。
But problem is this, I m not getting the PHP code executed when send mail using these HTML contents.
Because your content is returned as a string, so PHP will read it as such, tags included. 因为您的内容是以字符串形式返回的,所以PHP会将其读取为包含的标签。
A dirtiest solution, AND HIGHLY DISCOURAGED , is using eval() to evaluate php code and have it executed. 一个最脏的解决方案, 高度解密 ,使用eval()来评估PHP代码并执行它。 But this is very risky and can lead to serious security problems, so I'm not even going to show you some example :) 但这是非常危险的,可能会导致严重的安全问题,所以我甚至不会向你展示一些例子:)
The BEST SOLUTION is to use some sort of templating system. 最佳解决方案是使用某种模板系统。 I'm not suggesting using Smarty or another full-blown template engine, but you can roll-out a simple custom-code parser that can work along these lines: 我不是建议使用Smarty或其他完整的模板引擎,但是你可以推出一个可以在这些方面工作的简单自定义代码解析器:
You save your variables using a placeholder, like 您可以使用占位符保存变量,例如
{{variable_text}} {{recipient}} {{address}}
or something like this. 或类似的东西。 The you just replace what you need, so in your PHP script that reads this e-mail you can do like 您只需替换所需的内容,因此在读取此电子邮件的PHP脚本中,您可以像
$change = array('recipient' => 'John Smith',
'address' => 'Unknown Avenue, 666',
'variable_text' => 'We are glad to invite you to');
$text = '<p>To: {{recipient}}.</p>
<p>Address: {{address}}.</p>
Message: Dear{{recipient}}<br />{{variable_text}}';
foreach($change as $k => $v)
{
$text = str_replace('{{'.$k.'}}', $v, $text);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.