How best to store the html for embedding?
the only ways I can think of are:
take the embed html and add <?php echo $var1; ?> where the id s go then store it in the db and use Eval to execute it.
or
insert a strange combination of characters to act as a marker to be replaced in php by the id s.
Option #2 is much safer - just in case someone manages to execute a SQL injection attack against your DB, they can t then exploit your embedding operation to execute injected PHP on the server side. The best they could hope for would be a phishing or XSS attack.
Another alternative is to format the appropriate data in XML and store in the database an XSLT to transform the data into the right embed code. That s probably overkill for your case, but more scalable and less error-prone than either of the above.
EDIT: Skeleton code for XML version
<video>
<url>http://example.com/video.flv</url>
</video>
<?xml version="1.0" encoding="ISO-8859-1"?>
<xsl:transform version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="xml" />
<xsl:template match="video">
<xsl:element name="embed">
<xsl:attribute name="src"><xsl:value-of select="url/text()" /></xsl:attribute>
<xsl:attribute name="width">500</xsl:attribute>
</xsl:element>
</xsl:template>
</xsl:transform>
// assuming the XSLT above is stored in SomeTable.transform, and the above XML has been stored in $xml_text
$xml_doc = new DOMDocument();
$xml_doc->loadXML($xml_text);
$xsl_doc = new DOMDocument();
$xsl_doc->loadXML(GetXSLT("flv"));
$processor = new XSLTProcessor();
$processor->importStyleSheet($xsl_doc);
echo $processor->transformToXML($xml_doc);
function GetXSLT($type)
{
$db = mysql_connect("user", "password", "host"); // not sure if I got the order right here, but whatever
$res = mysql_query("SELECT transform FROM SomeTable WHERE type = $type "); // should use parameters instead of directly embedding the type here to avoid bugs and exploits, but whatever
$array = mysql_fetch_assoc($res);
return $array[ transform ];
}
The nice part about this is that you can create a class to generate the input XML, and it can contain all the parameters you want to pass to your <embed> tag. If you don t add processing instructions to your XSLT to handle them, they ll be silently ignored. Make one class to generate the basic XML, and a subclass per media type you want to display, and generating the XML to pass the transforms should be easy.
Why not just store the 11-character video code and then build the HTML wherever you want to embed that video?
See this: How to embed YouTube videos in PHP?
I noticed that there were some threads with similar questions, and I did look through them but did not really get a convincing answer. Here s my question: The subquery below returns a Table with 3 ...
<?php $con=mysql_connect("localhost","mts","mts"); if(!con) { die( unable to connect . mysql_error()); } mysql_select_db("mts",$con); /* date_default_timezone_set ("Asia/Calcutta"); $date = ...
我把我的用心从使用QQL转向MySQL。 它与凯科特合作,现在不工作,因为我已经改变,使用MySQL。 这里的错误信息是:
We have a restaurant table that has lat-long data for each row. We need to write a query that performs a search to find all restaurants within the provided radius e.g. 1 mile, 5 miles etc. We have ...
Is it possible in php to return a specific row of data from a mysql query? None of the fetch statements that I ve found return a 2 dimensional array to access specific rows. I want to be able to ...
Our website was developed with a meta tag set to... <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> This works fine for M-dashes and special quotes, etc. However, I ...
What are some of the strategies being used for pagination of data sets that involve complex queries? count(*) takes ~1.5 sec so we don t want to hit the DB for every page view. Currently there are ~...
My table looks like person_id | car_id | miles ------------------------------ 1 | 1 | 100 1 | 2 | 200 2 | 3 | 1000 2 | 4 | 500 I need to ...