Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.

Load TPL from MySQL

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Feature Requests
View previous topic :: View next topic  

Should templates be loadable from a database or is it just a danger?
Go for it
90%
 90%  [ 18 ]
Too Dangerous
10%
 10%  [ 2 ]
Total Votes : 20

Author Message
Silex
Smarty Rookie


Joined: 19 Apr 2003
Posts: 5
Location: In the rain

PostPosted: Sat Apr 19, 2003 11:03 pm    Post subject: Load TPL from MySQL Reply with quote

Can their be an option to load templates from a mysql database?
This way, it would be easier for users to edit their templates without having to deal with the fileserver.

However, certain protections must be made against SQL injection.
_________________
Life is like licking honey off a thorn
Back to top
View user's profile Send private message Visit poster's website AIM Address MSN Messenger
mohrt
Administrator


Joined: 16 Apr 2003
Posts: 7368
Location: Lincoln Nebraska, USA

PostPosted: Sat Apr 19, 2003 11:42 pm    Post subject: Reply with quote

Use a custom resource handle to do it.

http://smarty.php.net/manual/en/templates.from.elsewhere.php

Monte
Back to top
View user's profile Send private message Visit poster's website
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Sun Apr 20, 2003 3:16 am    Post subject: Reply with quote

Absolutley, but only if provided via a resource and not built-in to the core Smile.

xo boots
Back to top
View user's profile Send private message
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Fri May 09, 2003 10:36 pm    Post subject: Reply with quote

Here is a quick 'n dirty resource for those who want to do this. It uses the dbx module so that it is not specific to mysql. It requires you to setup a global variable $link which you should setup in your main PHP before you call display. It assumes the templates won't change during the evaluation of the template, so it locally caches db results for efficiency.

NOTE: This is not production level code -- always scrub your input before you submit it to your db to avoid nasty SQL injections.

eg.

Code:
$link = dbx_connect (DBX_MYSQL, "", "db", "user", "password");
$smarty->display('smartydb:html_page');
dbx_close ($link);


The plugin resource...
Code:
<?php

/*
* Smarty plugin
* -------------------------------------------------------------
* Type:     resource
* Name:     smartydb
* Purpose:  read template from a db
* -------------------------------------------------------------
*/

$tpls=array();

function smarty_resource_smartydb_getrec(&$smarty, $tpl_name)
{
   global $link, $tpls;
   if (isset($tpl_name)) {
       if (!isset($tpls[$tpl_name])) {
            $SQL = "SELECT template.source, UNIX_TIMESTAMP(template.timestamp), template.secure, template.trusted FROM template WHERE template.name='$tpl_name';
            $result = dbx_query($link, $SQL, DBX_RESULT_INDEX );

            if ( is_object($result) ) {
              $tpls[$tpl_name] = $result->data[0];
              return true;
            }
            else if ( $result == 1 ) {
              $tpls[$tpl_name] = array("", microtime(), 0, 0);
                //$smarty->trigger_error("resource_smartydb_source: Query executed successfully, but no result set returned");
               return false;
            }
            else {
              $tpls[$tpl_name] = array("", microtime(), 0, 0);
                $smarty->trigger_error("\n\nresource_smartydb_source: Query failed: ".dbx_error ($link)."\n\n");
               return false;
            }
       } else {
           return true;
       }
   }
   return false;
}

function smarty_resource_smartydb_source($tpl_name, &$tpl_source, &$smarty)
{
   global $tpls;
   if (smarty_resource_smartydb_getrec($smarty, $tpl_name)) {
       $tpl_source = $tpls[$tpl_name][0];
         return true;
    }
   return false;
}

function smarty_resource_smartydb_timestamp($tpl_name, &$tpl_source, &$smarty)
{
   global $tpls;
   if (smarty_resource_smartydb_getrec($smarty, $tpl_name)) {
       $tpl_source = $tpls[$tpl_name][1];
         return true;
    }
   return false;
}

function smarty_resource_smartydb_secure($tpl_name, &$smarty)
{
   global $tpls;
   if (smarty_resource_smartydb_getrec($smarty, $tpl_name)) {
         return $tpls[$tpl_name][2];
    }
   return false;
}

function smarty_resource_smartydb_trusted($tpl_name, &$smarty)
{
   global $tpls;
   if (smarty_resource_smartydb_getrec($smarty, $tpl_name)) {
         return $tpls[$tpl_name][3];
    }
   return false;
}

?>



And the mysql for the table...
Code:
DROP TABLE IF EXISTS template;
CREATE TABLE template (
  id int(11) unsigned NOT NULL auto_increment,
  name varchar(200) NOT NULL default '',
  source mediumtext NOT NULL,
  secure tinyint(1) NOT NULL default '1',
  trusted tinyint(1) NOT NULL default '1',
  timestamp timestamp(14) NOT NULL,
  PRIMARY KEY  (id)
) TYPE=MyISAM;


Have fun!


Last edited by boots on Sun May 11, 2003 12:49 pm; edited 1 time in total
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Fri May 09, 2003 10:43 pm    Post subject: Reply with quote

if you're unlucky and your provider has no dbx for you, there is a starter for mysql at:
http://smarty.php.net/manual/en/templates.from.elsewhere.php

but i have to follow boots with:
have fun! Smile
Back to top
View user's profile Send private message Send e-mail Visit poster's website
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Fri May 09, 2003 10:49 pm    Post subject: Reply with quote

Yes, I only posted to give people a starting point. I realize that many are using direct access or another abstraction layer over dbx, but at least my example shows a quick 'n dirty way of removing the db handling from the resource.

Plus, dbx is faster than PHP based db-abstraction libs. Smile
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Fri May 09, 2003 11:01 pm    Post subject: Reply with quote

hmrpf. i proposed the link without reading the example. i swear i read a native mysql-example some day at this place. but the example teaches good practice to use some kind of sql-abstraction at any place you use a database: let it be dbx, or something homegrown, or something that suits the needs of the rest of your appliction, so it is needed and initialized anyway.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Feature Requests All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP