PHP code in SQL displayed in page

Question

I want to be able to store PHP code in an SQL Database and display that whenever it is called. I don't want to use include and make loads of files. I want to be able to just put them all in SQL and call them when I want. How can I do this?

I have

$GETPAGE = "SELECT PA_CONTENT from pages where PA_NAME = '$page'";
$GETPAGE2= mysql_query($GETPAGE);
$GETPAGE3= mysql_fetch_array($GETPAGE2);
echo $GETPAGE3[PA_CONTENT];

but it echo's it out visible. Should I replace echo for something else?

Thanks

Answer 1

You can evaluate a string as code by using eval() http://php.net/manual/en/function.eval.php

BUT this is not recommended, see also the warning on that page:

The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand.

Answer 2

You can use eval() to execute code that's in strings. Just make sure that you absolutely trust the code that's being run - it will run any PHP code it's given, so it could do malicious things if it's so instructed.