Rukk
(Rukavina Darko)
October 26, 2011, 9:16am
1
Hi, i am thinking of putting some php code in my db, the idea behind this is that i will have a table with different gadgets like counter,timer…(id,name,code) and a main task table(id,task,description) that will load different gadgets for every task, like:
[i]task1
description1
timer1
counter1[/i]
[i]task2
description2
counter2
counter3
…[/i]
is this a good idea, or should i use more conventional methods?? I want the ability that users submit their own gadgets.
Any suggestions welcome
Thanks
marco
(marco@sms)
October 26, 2011, 9:39am
2
Letting User submit any PHP code is a high security risk, keep that in mind!
As for your question:
How about let the user upload php files with user defined widgets. The database will only contain widget names associated with these files.
Rukk
(Rukavina Darko)
October 26, 2011, 10:04am
3
like images??
Didn’t think about that. I like the idea.
For security i thought that the admin or moderator must approve it first.
marco
(marco@sms)
October 26, 2011, 10:12am
4
Yes, approving is a good mechanism for that.
Like images. Users can contribute their "widgets", others can select them from the database and use it in any place.
Rukk
(Rukavina Darko)
October 26, 2011, 9:26pm
5
thanks for the quick reply.
One more thing, how to store parametars(the time for timers or number for countrs…) for "gadgets"? I was planing for a few tables:
[b]
user[/b]
[i]id
name
pass
…[/i]
user_has_task (link table)
[i]user_id
task_id[/i]
task
[i]id
task
description[/i]
[b]
task_has_gadget[/b] (link table)
[i]task_id
gadget_id[/i]
[b]
gadget[/b]
[i]id
name
path
[/i]
i was thinking to use a array for parameters of gadgets, the problem is where to put them, in what table?? Any iseas?
marco
(marco@sms)
October 27, 2011, 6:51am
6
well, nice designed you would have a table for the parameters like
parameters
[i]name
value
gadget_id[/i]
But I think you could also store a serialized array anywhere as a quick solution.
For the invocation of your widget/gadget with parameters you can user
http://de2.php.net/manual/en/function.call-user-method-array.php
This way you can use clean parameters on your methods. Please do NOT use on parameter for your widget as array.