I have a string, where user can add special mark, for example [include=example_file] and I would like to include "example_file.php" to the place where the mark is.
User's text can be like:
Lorem Ipsum is simply dummy text of the printing and typesetting industry.
Lorem Ipsum has been the industrys standard dummy text ever since the 1500s.
[include=contact_form] // here should be contact_form.php included
Lorem Ipsum is simply dummy text of the printing and typesetting industry.
Lorem Ipsum has been the industrys standard dummy text ever since the 1500s
I use this, to echo user's text, now:
<?php echo $this->view['users_text']; ?>
... and new output should be like:
<?php
// echo first paragraph
include "contact_form.php";
// echo second paragraph
?>
What is the simplest way how to include files finded in those special marks?
Be careful of LFI attacks, but to achieve this, match the placeholder with regex, loop over it, use the value to load the file within a buffer, then replace the placeholder with the buffer.
Like this:
<?php
$content = '
Lorem Ipsum is simply dummy text of the printing and typesetting industry.
Lorem Ipsum has been the industrys standard dummy text ever since the 1500s.
[include=contact_form] // here should be contact_form.php included
Lorem Ipsum is simply dummy text of the printing and typesetting industry.
Lorem Ipsum has been the industrys standard dummy text ever since the 1500s
[include=cat] // here should be cat.php included
';
// match
if (preg_match_all('#\[include=(?P<name>.*?)\]#', $content, $includes)) {
// loop
foreach($includes['name'] as $include) {
// buffer
ob_start();
//include($include.'.php'); // 😲
echo 'I was from '.$include.'.php';
$buffer = ob_get_clean();
// replace
$content = str_replace('[include='.$include.']', $buffer, $content);
}
}
echo $content;