PHP inside ezpages

[DrByte]

I would submit that a jQuery-driven slideshow would be a far better choice, especially for ez-pages.

[DivaVocals]

I would submit that a jQuery-driven slideshow would be a far better choice, especially for ez-pages.

I know, but she is STUCK to the point of OBSESSION on this other slideshow/gallery.. **sigh** She thinks we can just "modify" Zen Cart to make the EZ Pages work the same way defined pages do.. **sigh**

[DrByte]

EZ-Pages were designed to be CMS content, not PHP code. There is no server-side-code-execution support built-in to them, intentionally. They are handled entirely differently from define-pages in the way they are executed. One stores data in the database, one stores it in PHP files. PHP will run from the PHP files, not from the database.

I'm carefully "picking my battles" here: I'm not going to waste my time trying to provide convincing arguments to her -- she clearly has her mind made up, and so any efforts to the contrary are futile.

Make her sign a contract about her willingness to completely absolve you of all responsibility and liability for doing what she requests of you. And triple your fee. :)

[DivaVocals]

EZ-Pages were designed to be CMS content, not PHP code. There is no server-side-code-execution support built-in to them, intentionally. They are handled entirely differently from define-pages in the way they are executed. One stores data in the database, one stores it in PHP files. PHP will run from the PHP files, not from the database.

I will take this information back to her and HOPE she FINALLY get's this..

I'm carefully "picking my battles" here: I'm not going to waste my time trying to provide convincing arguments to her -- she clearly has her mind made up, and so any efforts to the contrary are futile.

TRUST ME, I understand.. and honestly I appreciate that you've taken THIS much time to respond to me.. It's frustrating for me and I am irritated that she continues to ask the very same questions in a different manner hoping that I will give her a different response.. I will pass on the information above and se if she FINALLY gets it..

Make her sign a contract about her willingness to completely absolve you of all responsibility and liability for doing what she requests of you. And triple your fee. :)

Actually because she is REALLY pushing the idea that this is a software modification that I am somehow just stubbornly refusing to do, I provided her with a cost estimate on Friday of what it would take to implement an EZ Page alternative which WOULD support what it is she's asking for.

The estimate was an educated guess (based on my 20 years of experience and a developer friend's input), and it was MORE than triple my fee. I am hoping that this plus passing on the info from your post tonight will FINALLY help her to see that this is not a worthwhile piece of custom development. I have also provided her with a NUMBER of viable alternatives that gets her to her end result as well... (Like using her blog for these gallery pages) I am hoping she will choose a different option..

Thanks for your time and input..

[hermes369]

I had a similar problem with a client with whom I thankfully blessed and parted ways. My solution involved altering the code that draws the ezpage block and, if the page name was "gallery", it would include() files that I stored under a php/ directory in my custom template directory. This worked great for authenticating and pulling images from his CDN and displaying photos from one gallery (he'd manipulate the contents of that gallery on his CDN, not inside Zen-Cart. Of course, that didn't quite cut it as he wanted to have a gallery of galleries (a thumbnail for each gallery, n number of them would provide a gallery with photos and n number with video). I got as far as successfully displaying one gallery, no thumbnail. Then I had to answer questions about how many hours I was billing and I decided to bail.

I find it highly probable that Zen Cart could use a gallery module with galleries loaded locally or from a CDN with options/themes for its display. I have never built a module and find the idea interesting, only, I barely know what the F I'm doing in the first place. :-P

Thanks for letting me vent. I feel better. ;-)

[DivaVocals]

I had a similar problem with a client with whom I thankfully blessed and parted ways. My solution involved altering the code that draws the ezpage block and, if the page name was "gallery", it would include() files that I stored under a php/ directory in my custom template directory. This worked great for authenticating and pulling images from his CDN and displaying photos from one gallery (he'd manipulate the contents of that gallery on his CDN, not inside Zen-Cart. Of course, that didn't quite cut it as he wanted to have a gallery of galleries (a thumbnail for each gallery, n number of them would provide a gallery with photos and n number with video). I got as far as successfully displaying one gallery, no thumbnail. Then I had to answer questions about how many hours I was billing and I decided to bail.

Thankfully this client has let this idea go.. Once I showed her that it would require a substantial bit of work to implement this gallery integration the way she wanted, but using methods that would not pose risks to the site she backed down.. What she is INSISTING on doing with could be served via other means and net the same result.. Hopefully she will let it go and use one of the alternatives I suggested..

I find it highly probable that Zen Cart could use a gallery module with galleries loaded locally or from a CDN with options/themes for its display. I have never built a module and find the idea interesting, only, I barely know what the F I'm doing in the first place. :-P

I hear you!!

Thanks for letting me vent. I feel better. ;-)

No worries..

[mutinyzoo]

I ended up just adding a conditional statement to includes/templates/YOUR_TEMPLATE/templates/tpl_page_default.php

Code:

<?php
if (isset($ezpage_id) and $ezpage_id == 'id')
{
PHP CODE HERE
}
?>

Am using to dynamically generate image list for Zen Lightbox (Color Lightbox, specifically).

Hope that's useful.

[kehrli]

Be sure to thoroughly understand the security risks associated with using the eval() function.

I know you posted this about a billion years ago, but what are the security risks? I don't understand what's dangerous about this code. Wouldn't someone have to overwrite one of your files in order to use this code maliciously? It seems that if they could do that, they could overwrite index.php or .htaccess and have a much easier time of hacking the site.

Note, I'm not arguing. I just don't understand where the risk is. I want to know.

[kuroi]

Wouldn't someone have to overwrite one of your files in order to use this code maliciously? It seems that if they could do that, they could overwrite index.php or .htaccess and have a much easier time of hacking the site.

No they wouldn't need access to the code, just to any part of the admin where text is inserted (e.g. product descriptions or EZ-Pages).

Yes, it would be easier to hack the site if they got direct access to the code. Getting in through the admin and executing PHP gives indirect access to it instead, which is why it's a risk - though a lot has been done to make getting in through the admin more difficult since Dr Byte's earlier post.

[kehrli]

No they wouldn't need access to the code, just to any part of the admin where text is inserted (e.g. product descriptions or EZ-Pages).

Yes, it would be easier to hack the site if they got direct access to the code. Getting in through the admin and executing PHP gives indirect access to it instead, which is why it's a risk - though a lot has been done to make getting in through the admin more difficult since Dr Byte's earlier post.

Ok, thanks. I guess if they have admin access, you're pretty well ****ed already. I'm not sure this would make it much worse.