ok. I have a table in my database named pages. I am using one script to view all my pages by selecting the row from the table that corresponds to the variable set in the URL. An example would be index.php?view=news would search the database for a news row and then return the contents as the variable &text. I have a value in each row to specify if the content is code or html. Next I have 2 if statements that check if its code or html, and then depending on what the result is, it displays the text in either an echo, or an eval. Is this the most efficient way to do this, or is there a better more precise way?
here is my code
$dbhost = "localhost" ;
$dbuser = "xxxxx" ;
$dbpass = "xxxxx" ;
$db = "mydb" ;
$default = "news" ;
if (empty($view)) $view = $default;
$connect = mysql_connect($dbhost, $dbuser, $dbpass) ;
mysql_select_db($db,$sql) ;
navigation($action,"") ;
mysql_close($sql) ;
function navigation($view,$name)
{
global $sql
$sql = mysql_query("SELECT * FROM pages where and name='$page'",$connect) ;
$check = mysql_fetch_array($sql);
$text = stripslashes($check
);
$type = strtolower($check[type]);
if ($type == "html") echo $text;
if ($type == "code") eval($text);
}
also, when i do eval on a login page i have that works when parsed regular when loading login.php, it creates an eval error when i insert it into the database.
