Related
Here's the information according to the official documentation:
There are four different pairs of
opening and closing tags which can be
used in PHP. Two of those, <?php ?>
and <script language="php"> </script>,
are always available. The other two
are short tags and ASP style tags, and
can be turned on and off from the
php.ini configuration file. As such,
while some people find short tags and
ASP style tags convenient, they are
less portable, and generally not
recommended.
In my experience most servers do have short tags enabled. Typing
<?=
is far more convenient than typing
<?php echo
The programmers convenience is an important factor, so why are they not recommended?
There must be a clear distinction between the PHP short tag (<?) and shorthand echo tag (<?=)
The former is prohibited by the PHP Coding standard, mostly out of common sense because it's a PITA if you ever have to move your code to a server where it's not supported (and you can't enable it). As you say, lots of shared hosts do support shorttags but "lots" isn't all of them. If you want to share your scripts, it's best to use the full syntax.
Whereas the shorthand echo tag <?= cannot be disabled and therefore is fully acceptable to use.
I agree that <? is easier on programmers than <?php but it is possible to do a bulk find-and-replace as long as you use the same form each time.
I don't buy readability as a reason at all. Most serious developers have the option of syntax highlighting available to them.
As ThiefMaster mentions in the comments, as of PHP 5.4, <?= ... ?> tags are supported everywhere, regardless of shorttags settings. This should mean they're safe to use in portable code but that does mean there's then a dependency on PHP 5.4+. If you want to support pre-5.4 and can't guarantee shorttags, you'll still need to use <?php echo ... ?>.
Also, you need to know that ASP tags <% , %> , <%= , and script tag are removed from PHP 7. So if you would like to support long-term portable code and would like switching to the most modern tools consider changing that parts of code.
I'm too fond of <?=$whatever?> to let it go. Never had a problem with it. I'll wait until it bites me in the ass. In all seriousness, 85% of (my) clients have access to php.ini in the rare occasion they are turned off. The other 15% use mainstream hosting providers, and virtually all of them have them enabled. I love 'em.
Starting with PHP 5.4, the echo shortcut is a separate issue from short tags, as the echo shortcut will always be enabled. It's a fact now:
SVN Revision by Rasmus Lerdorf
Mailing list discussion
So the echo shortcut itself (<?=) is safe to use now.
The problem with this whole discussion lies in the use of PHP as a templating language. No one is arguing that tags should be used in application source files.
However PHP's embeddable syntax allows it to be used as a powerful template language, and templates should be as simple and readable as possible. Many have found it easier to use a much slower, add-on templating engine like Smarty, but for those purists among us who demand fast rendering and a pure code base, PHP is the only way to write templates.
The ONLY valid argument AGAINST the use of short tags is that they aren't supported on all servers. Comments about conflicts with XML documents are ludicrous, because you probably shouldn't be mixing PHP and XML anyway; and if you are, you should be using PHP to output strings of text. Security should never be an issue, because if you're putting sensitive information like database access credentials inside of template files, well then, you've got bigger issues!
Now then, as to the issue of server support, admittedly one has to be aware of their target platform. If shared hosting is a likely target, then short tags should be avoided. But for many professional developers (such as myself), the client acknowledges (and indeed, depends on the fact) that we will be dictating the server requirements. Often I'm responsible for setting up the server myself.
And we NEVER work with a hosting provider that does not give us absolute control of the server configuration -- in such a case we could count on running to much more trouble than just losing short tag support. It just doesn't happen.
So yes -- I agree that the use of short tags should be carefully weighed. But I also firmly believe that it should ALWAYS be an option, and that a developer who is aware of his environment should feel free to use them.
Short tags are coming back thanks to Zend Framework pushing the "PHP as a template language" in their default MVC configuration. I don't see what the debate is about, most of the software you will produce during your lifetime will operate on a server you or your company will control. As long as you keep yourself consistent, there shouldn't be any problems.
UPDATE
After doing quite a bit of work with Magento, which uses long form. As a result, I've switched to the long form of:
<?php and <?php echo
over
<? and <?=
Seems like a small amount of work to assure interoperability.
Because the confusion it can generate with XML declarations. Many people agree with you, though.
An additional concern is the pain it'd generate to code everything with short tags only to find out at the end that the final hosting server has them turned off...
Following is the wonderful flow diagram of the same:
Source: similiar question on Software Engineering Stack Exchange
In case anyone's still paying attention to this... As of PHP 5.4.0 Alpha 1 <?= is always available:
http://php.net/releases/NEWS_5_4_0_alpha1.txt
So it looks like short tags are (a) acceptable and (b) here to stay. For now at least...
http://uk3.php.net/manual/en/language.basic-syntax.phpmode.php has plenty of advice, including:
while some people find short tags and
ASP style tags convenient, they are
less portable, and generally not
recommended.
and
note that if you are embedding PHP
within XML or XHTML you will need to
use the <?php ?> tags to remain
compliant with standards.
and
Using short tags should be avoided
when developing applications or
libraries that are meant for
redistribution, or deployment on PHP
servers which are not under your
control, because short tags may not be
supported on the target server. For
portable, redistributable code, be
sure not to use short tags.
Short tags are not turned on by default in some webservers (shared hosts, etc.), so code portability becomes an issue if you need to move to one of these.
Readability may be an issue for some. Many developers may find that <?php catches the eye as a more obvious marker of the beginning of a code block than <? when you scan a file, particularly if you're stuck with a code base with HTML and PHP tightly inter-woven.
Note: Starting in PHP 5.4 the short tag, <?=, is now always available.
I read this page after looking for information on the topic, and I feel that one major issue has not been mentioned: laziness vs. consistency. The "real" tags for PHP are <?php and ?>. Why? I don't really care. Why would you want to use something else when those are clearly for PHP? <% and %> mean ASP to me, and <script ..... means Javascript (in most cases). So for consistency, fast learning, portability, and simplicity, why not stick to the standard?
On the other hand I agree that short tags in templates (and ONLY in templates) seem useful, but the problem is that we've just spent so much time discussing it here, that it would likely take a very long time to have actually wasted that much time typing the extra three characters of "php"!!
While having many options is nice, it's not at all logical and it can cause problems. Imagine if every programming language allowed 4 or more types of tags: Javascript could be <JS or < script .... or <% or <? JS.... would that be helpful? In the case of PHP the parsing order tends to be in favor of allowing these things, but the language is in many other ways not flexible: it throws notices or errors upon the slightest inconsistency, yet short tags are used often. And when short tags are used on a server that doesn't support them, it can take a very long time to figure out what is wrong since no error is given in some cases.
Finally, I don't think that short tags are the problem here: there are only two logical types of PHP code blocks-- 1) regular PHP code, 2) template echoes.
For the former, I firmly believe that only <?php and ?> should be allowed just to keep everything consistent and portable.
For the latter, the <?=$var?> method is ugly. Why must it be like this? Why not add something much more logical?
<?php $var ?>
That would not do anything (and only in the most remote possibilities could it conflict with something), and that could easily replace the awkward <?= syntax. Or if that's a problem, perhaps they could use <?php=$var?> instead and not worry about inconsistencies.
At the point where there are 4 options for open and close tags and the random addition of a special "echo" tag, PHP may as well have a "custom open/close tags" flag in php.ini or .htaccess. That way designers can choose the one they like best. But for obvious reasons that's overkill. So why allow 4+ options?
As of 2019 I disagree with certain answers here. Recommended to use:
1. Long tags
<?php /* code goes here */ ?>
2. Short echo tags
<?= /* code goes here */ ?>
Reason: They are recommended by the PSR-1 basic coding standard
Other short tags like <? /* code goes here */ ?> are not recommended.
The spec says:
PHP code MUST use the long tags or the short-echo
tags; it MUST NOT use the other tag variations.
One situation that is a little different is when developing a CodeIgniter application. CodeIgniter seems to use the shorttags whenever PHP is being used in a template/view, otherwise with models and controllers it always uses the long tags. It's not a hard and fast rule in the framework, but for the most part the framework and a lot of the source from other uses follows this convention.
My two cents? If you never plan on running the code somewhere else, then use them if you want. I'd rather not have to do a massive search and replace when I realize it was a dumb idea.
<? is disabled by default in newer versions. You can enable this like described Enabling Short Tags in PHP.
I thought it worth mentioning that as of PHP 7:
Short ASP PHP tags <% … %> are gone
Short PHP tabs <? … ?> are still available if short_open_tag is set to true. This is the default.
Since PHP 5.4, Short Print tags <?=… ?> are always enabled, regardless of the short_open_tag setting.
Good riddance to the first one, as it interfered with other languages.
There is now no reason not to use the short print tags, apart from personal preference.
Of course, if you’re writing code to be compatible with legacy versions of PHP 5, you will need to stick to the old rules, but remember that anything before PHP 5.6 is now unsupported.
See: https://secure.php.net/manual/en/language.basic-syntax.phptags.php
Note also the the above reference discourages the second version (<? … ?>) since it may have been disabled:
Note:
As short tags can be disabled it is recommended to only use the normal tags (<?php ?> and <?= ?>) to maximise compatibility.
IMHO people who use short tags often forget to escape whatever they're echoing. It would be nice to have a template engine that escapes by default. I believe Rob A wrote a quick hack to escape short tags in Zend Frameworks apps. If you like short tags because it makes PHP easier to read. Then might Smarty be a better option?
{$myString|escape}
to me that looks better than
<?= htmlspecialchars($myString) ?>
It's good to use them when you work with a MVC framework or CMS that have separate view files. It's fast, less code, not confusing for the designers. Just make sure your server configuration allows using them.
One has to ask what the point of using short tags is.
Quicker to type
MDCore said:
<?= is far more convenient than typing <?php echo
Yes, it is. You save having to type 7 characters * X times throughout your scripts.
However, when a script takes an hour, or 10 hours, or more, to design, develop, and write, how relevant is the few seconds of time not typing those 7 chars here and there for the duration of the script?
Compared to the potential for some core, or all, of you scripts not working if short tags are not turned on, or are on but an update or someone changing the ini file/server config stops them working, other potentials.
The small benefit you gain doesn't comes close to outweighing the severity of the potential problems, that is your site not working, or worse, only parts of it not working and thus a headache to resolve.
Easier to read
This depends on familiarity.
I've always seen and used <?php echo. So while <?= is not hard to read, it's not familiar to me and thus not easier to read.
And with front end/back end developer split (as with most companies) would a front end developer working on those templates be more familiar knowing <?= is equal to "PHP open tag and echo"?
I would say most would be more comfortable with the more logical one. That is, a clear PHP open tag and then what is happening "echo" - <?php echo.
Risk assessment
Issue = entire site or core scripts fail to work;
The potential of issue is very low + severity of outcome is very high = high risk
Conclusion
You save a few seconds here and there not having to type a few chars, but risk a lot for it, and also likely lose readability as a result.
Front or back end coders familiar with <?= are more likely to understand <?php echo, as they're standard PHP things - standard <?php open tag and very well known "echo".
(Even front end coders should know "echo" or they simply wont be working on any code served by a framework).
Whereas the reverse is not as likely, someone is not likely to logically deduce that the equals sign on a PHP short tag is "echo".
To avoid portability issues, start PHP tags with <?php and in case your PHP file is purely PHP, no HTML, you don't need to use the closing tags.
Short tags are acceptable to use in cases where you are certain the server will support it and that your developers will understand it.
Many servers do not support it, and many developers will understand it after seeing it once.
I use full tags to ensure portability, since it's really not that bad.
With that said, a friend of mine said this, in support of alternate standardized asp-style tags, like <% rather than <?, which is a setting in php.ini called asp_tags. Here is his reasoning:
... arbitrary conventions should be
standardized. That is, any time we are
faced with a set of possibilities that
are all of equal value - such as what
weird punctuation our programming
language should use to demarcate
itself - we should pick one standard
way and stick with it. That way we
reduce the learning curve of all
languages (or whatever the things the
convention pertains to).
Sounds good to me, but I don't think any of us can circle the wagons around this cause. In the meantime, I would stick to the full <?php.
Let's face it. PHP is ugly as hell without short tags.
You can enable them in a .htaccess file if you can't get to the php.ini:
php_flag short_open_tag on
If you care about XSS then you should use <?= htmlspecialchars(…) ?> most of the time, so a short tag doesn't make a big difference.
Even if you shorten echo htmlspecialchars() to h(), it's still a problem that you have to remember to add it almost every time (and trying to keep track which data is pre-escaped, which is unescaped-but-harmless only makes mistakes more likely).
I use a templating engine that is secure by default and writes <?php tags for me.
Short tag are alwayes available in php.
So you do not need echo the first statement in your script
example:
$a =10;
<?= $a;//10
echo "Hellow";//
echo "Hellow";
?>
Suddenly you need to use for a single php script then u can
use it.
example:
<html>
<head>
<title></title>
</head>
<body>
<p>hellow everybody<?= hi;?></p>
<p>hellow everybody </p>
<p>hellow everybody </p>
</body>
</html>
3 tags are available in php:
long-form tag that <?php ?> no need to directive any configured
short_open_tag that <? ?> available if short_open_tag option in
php.ini is on
shorten tag <?= since php 5.4.0 it is always available
from php 7.0.0 asp and script tag are removed
<?php ?> are much better to use since developers of this programming language has massively updated their core-language. You can see the difference between the short tags and long tags.
Short tags will be highlighted as light red while the longer ones are highlighted darker!
However, echoing something out, for example: <?=$variable;?> is fine. But prefer the longer tags. <?php echo $variable;?>
Convert <? (without a trailing space) to <?php (with a trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\?(?!php|=|xml|mso| )/<\?php /g'
Convert <? (with a trailing space) to <?php (retaining the trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\? /<\?php /g'
No, and they're being phased out by PHP 6 so if you appreciate code longevity, simply don't use them or the <% ... %> tags.
Here's the information according to the official documentation:
There are four different pairs of
opening and closing tags which can be
used in PHP. Two of those, <?php ?>
and <script language="php"> </script>,
are always available. The other two
are short tags and ASP style tags, and
can be turned on and off from the
php.ini configuration file. As such,
while some people find short tags and
ASP style tags convenient, they are
less portable, and generally not
recommended.
In my experience most servers do have short tags enabled. Typing
<?=
is far more convenient than typing
<?php echo
The programmers convenience is an important factor, so why are they not recommended?
There must be a clear distinction between the PHP short tag (<?) and shorthand echo tag (<?=)
The former is prohibited by the PHP Coding standard, mostly out of common sense because it's a PITA if you ever have to move your code to a server where it's not supported (and you can't enable it). As you say, lots of shared hosts do support shorttags but "lots" isn't all of them. If you want to share your scripts, it's best to use the full syntax.
Whereas the shorthand echo tag <?= cannot be disabled and therefore is fully acceptable to use.
I agree that <? is easier on programmers than <?php but it is possible to do a bulk find-and-replace as long as you use the same form each time.
I don't buy readability as a reason at all. Most serious developers have the option of syntax highlighting available to them.
As ThiefMaster mentions in the comments, as of PHP 5.4, <?= ... ?> tags are supported everywhere, regardless of shorttags settings. This should mean they're safe to use in portable code but that does mean there's then a dependency on PHP 5.4+. If you want to support pre-5.4 and can't guarantee shorttags, you'll still need to use <?php echo ... ?>.
Also, you need to know that ASP tags <% , %> , <%= , and script tag are removed from PHP 7. So if you would like to support long-term portable code and would like switching to the most modern tools consider changing that parts of code.
I'm too fond of <?=$whatever?> to let it go. Never had a problem with it. I'll wait until it bites me in the ass. In all seriousness, 85% of (my) clients have access to php.ini in the rare occasion they are turned off. The other 15% use mainstream hosting providers, and virtually all of them have them enabled. I love 'em.
Starting with PHP 5.4, the echo shortcut is a separate issue from short tags, as the echo shortcut will always be enabled. It's a fact now:
SVN Revision by Rasmus Lerdorf
Mailing list discussion
So the echo shortcut itself (<?=) is safe to use now.
The problem with this whole discussion lies in the use of PHP as a templating language. No one is arguing that tags should be used in application source files.
However PHP's embeddable syntax allows it to be used as a powerful template language, and templates should be as simple and readable as possible. Many have found it easier to use a much slower, add-on templating engine like Smarty, but for those purists among us who demand fast rendering and a pure code base, PHP is the only way to write templates.
The ONLY valid argument AGAINST the use of short tags is that they aren't supported on all servers. Comments about conflicts with XML documents are ludicrous, because you probably shouldn't be mixing PHP and XML anyway; and if you are, you should be using PHP to output strings of text. Security should never be an issue, because if you're putting sensitive information like database access credentials inside of template files, well then, you've got bigger issues!
Now then, as to the issue of server support, admittedly one has to be aware of their target platform. If shared hosting is a likely target, then short tags should be avoided. But for many professional developers (such as myself), the client acknowledges (and indeed, depends on the fact) that we will be dictating the server requirements. Often I'm responsible for setting up the server myself.
And we NEVER work with a hosting provider that does not give us absolute control of the server configuration -- in such a case we could count on running to much more trouble than just losing short tag support. It just doesn't happen.
So yes -- I agree that the use of short tags should be carefully weighed. But I also firmly believe that it should ALWAYS be an option, and that a developer who is aware of his environment should feel free to use them.
Short tags are coming back thanks to Zend Framework pushing the "PHP as a template language" in their default MVC configuration. I don't see what the debate is about, most of the software you will produce during your lifetime will operate on a server you or your company will control. As long as you keep yourself consistent, there shouldn't be any problems.
UPDATE
After doing quite a bit of work with Magento, which uses long form. As a result, I've switched to the long form of:
<?php and <?php echo
over
<? and <?=
Seems like a small amount of work to assure interoperability.
Because the confusion it can generate with XML declarations. Many people agree with you, though.
An additional concern is the pain it'd generate to code everything with short tags only to find out at the end that the final hosting server has them turned off...
Following is the wonderful flow diagram of the same:
Source: similiar question on Software Engineering Stack Exchange
In case anyone's still paying attention to this... As of PHP 5.4.0 Alpha 1 <?= is always available:
http://php.net/releases/NEWS_5_4_0_alpha1.txt
So it looks like short tags are (a) acceptable and (b) here to stay. For now at least...
http://uk3.php.net/manual/en/language.basic-syntax.phpmode.php has plenty of advice, including:
while some people find short tags and
ASP style tags convenient, they are
less portable, and generally not
recommended.
and
note that if you are embedding PHP
within XML or XHTML you will need to
use the <?php ?> tags to remain
compliant with standards.
and
Using short tags should be avoided
when developing applications or
libraries that are meant for
redistribution, or deployment on PHP
servers which are not under your
control, because short tags may not be
supported on the target server. For
portable, redistributable code, be
sure not to use short tags.
Short tags are not turned on by default in some webservers (shared hosts, etc.), so code portability becomes an issue if you need to move to one of these.
Readability may be an issue for some. Many developers may find that <?php catches the eye as a more obvious marker of the beginning of a code block than <? when you scan a file, particularly if you're stuck with a code base with HTML and PHP tightly inter-woven.
Note: Starting in PHP 5.4 the short tag, <?=, is now always available.
I read this page after looking for information on the topic, and I feel that one major issue has not been mentioned: laziness vs. consistency. The "real" tags for PHP are <?php and ?>. Why? I don't really care. Why would you want to use something else when those are clearly for PHP? <% and %> mean ASP to me, and <script ..... means Javascript (in most cases). So for consistency, fast learning, portability, and simplicity, why not stick to the standard?
On the other hand I agree that short tags in templates (and ONLY in templates) seem useful, but the problem is that we've just spent so much time discussing it here, that it would likely take a very long time to have actually wasted that much time typing the extra three characters of "php"!!
While having many options is nice, it's not at all logical and it can cause problems. Imagine if every programming language allowed 4 or more types of tags: Javascript could be <JS or < script .... or <% or <? JS.... would that be helpful? In the case of PHP the parsing order tends to be in favor of allowing these things, but the language is in many other ways not flexible: it throws notices or errors upon the slightest inconsistency, yet short tags are used often. And when short tags are used on a server that doesn't support them, it can take a very long time to figure out what is wrong since no error is given in some cases.
Finally, I don't think that short tags are the problem here: there are only two logical types of PHP code blocks-- 1) regular PHP code, 2) template echoes.
For the former, I firmly believe that only <?php and ?> should be allowed just to keep everything consistent and portable.
For the latter, the <?=$var?> method is ugly. Why must it be like this? Why not add something much more logical?
<?php $var ?>
That would not do anything (and only in the most remote possibilities could it conflict with something), and that could easily replace the awkward <?= syntax. Or if that's a problem, perhaps they could use <?php=$var?> instead and not worry about inconsistencies.
At the point where there are 4 options for open and close tags and the random addition of a special "echo" tag, PHP may as well have a "custom open/close tags" flag in php.ini or .htaccess. That way designers can choose the one they like best. But for obvious reasons that's overkill. So why allow 4+ options?
As of 2019 I disagree with certain answers here. Recommended to use:
1. Long tags
<?php /* code goes here */ ?>
2. Short echo tags
<?= /* code goes here */ ?>
Reason: They are recommended by the PSR-1 basic coding standard
Other short tags like <? /* code goes here */ ?> are not recommended.
The spec says:
PHP code MUST use the long tags or the short-echo
tags; it MUST NOT use the other tag variations.
One situation that is a little different is when developing a CodeIgniter application. CodeIgniter seems to use the shorttags whenever PHP is being used in a template/view, otherwise with models and controllers it always uses the long tags. It's not a hard and fast rule in the framework, but for the most part the framework and a lot of the source from other uses follows this convention.
My two cents? If you never plan on running the code somewhere else, then use them if you want. I'd rather not have to do a massive search and replace when I realize it was a dumb idea.
<? is disabled by default in newer versions. You can enable this like described Enabling Short Tags in PHP.
I thought it worth mentioning that as of PHP 7:
Short ASP PHP tags <% … %> are gone
Short PHP tabs <? … ?> are still available if short_open_tag is set to true. This is the default.
Since PHP 5.4, Short Print tags <?=… ?> are always enabled, regardless of the short_open_tag setting.
Good riddance to the first one, as it interfered with other languages.
There is now no reason not to use the short print tags, apart from personal preference.
Of course, if you’re writing code to be compatible with legacy versions of PHP 5, you will need to stick to the old rules, but remember that anything before PHP 5.6 is now unsupported.
See: https://secure.php.net/manual/en/language.basic-syntax.phptags.php
Note also the the above reference discourages the second version (<? … ?>) since it may have been disabled:
Note:
As short tags can be disabled it is recommended to only use the normal tags (<?php ?> and <?= ?>) to maximise compatibility.
IMHO people who use short tags often forget to escape whatever they're echoing. It would be nice to have a template engine that escapes by default. I believe Rob A wrote a quick hack to escape short tags in Zend Frameworks apps. If you like short tags because it makes PHP easier to read. Then might Smarty be a better option?
{$myString|escape}
to me that looks better than
<?= htmlspecialchars($myString) ?>
It's good to use them when you work with a MVC framework or CMS that have separate view files. It's fast, less code, not confusing for the designers. Just make sure your server configuration allows using them.
One has to ask what the point of using short tags is.
Quicker to type
MDCore said:
<?= is far more convenient than typing <?php echo
Yes, it is. You save having to type 7 characters * X times throughout your scripts.
However, when a script takes an hour, or 10 hours, or more, to design, develop, and write, how relevant is the few seconds of time not typing those 7 chars here and there for the duration of the script?
Compared to the potential for some core, or all, of you scripts not working if short tags are not turned on, or are on but an update or someone changing the ini file/server config stops them working, other potentials.
The small benefit you gain doesn't comes close to outweighing the severity of the potential problems, that is your site not working, or worse, only parts of it not working and thus a headache to resolve.
Easier to read
This depends on familiarity.
I've always seen and used <?php echo. So while <?= is not hard to read, it's not familiar to me and thus not easier to read.
And with front end/back end developer split (as with most companies) would a front end developer working on those templates be more familiar knowing <?= is equal to "PHP open tag and echo"?
I would say most would be more comfortable with the more logical one. That is, a clear PHP open tag and then what is happening "echo" - <?php echo.
Risk assessment
Issue = entire site or core scripts fail to work;
The potential of issue is very low + severity of outcome is very high = high risk
Conclusion
You save a few seconds here and there not having to type a few chars, but risk a lot for it, and also likely lose readability as a result.
Front or back end coders familiar with <?= are more likely to understand <?php echo, as they're standard PHP things - standard <?php open tag and very well known "echo".
(Even front end coders should know "echo" or they simply wont be working on any code served by a framework).
Whereas the reverse is not as likely, someone is not likely to logically deduce that the equals sign on a PHP short tag is "echo".
To avoid portability issues, start PHP tags with <?php and in case your PHP file is purely PHP, no HTML, you don't need to use the closing tags.
Short tags are acceptable to use in cases where you are certain the server will support it and that your developers will understand it.
Many servers do not support it, and many developers will understand it after seeing it once.
I use full tags to ensure portability, since it's really not that bad.
With that said, a friend of mine said this, in support of alternate standardized asp-style tags, like <% rather than <?, which is a setting in php.ini called asp_tags. Here is his reasoning:
... arbitrary conventions should be
standardized. That is, any time we are
faced with a set of possibilities that
are all of equal value - such as what
weird punctuation our programming
language should use to demarcate
itself - we should pick one standard
way and stick with it. That way we
reduce the learning curve of all
languages (or whatever the things the
convention pertains to).
Sounds good to me, but I don't think any of us can circle the wagons around this cause. In the meantime, I would stick to the full <?php.
Let's face it. PHP is ugly as hell without short tags.
You can enable them in a .htaccess file if you can't get to the php.ini:
php_flag short_open_tag on
If you care about XSS then you should use <?= htmlspecialchars(…) ?> most of the time, so a short tag doesn't make a big difference.
Even if you shorten echo htmlspecialchars() to h(), it's still a problem that you have to remember to add it almost every time (and trying to keep track which data is pre-escaped, which is unescaped-but-harmless only makes mistakes more likely).
I use a templating engine that is secure by default and writes <?php tags for me.
Short tag are alwayes available in php.
So you do not need echo the first statement in your script
example:
$a =10;
<?= $a;//10
echo "Hellow";//
echo "Hellow";
?>
Suddenly you need to use for a single php script then u can
use it.
example:
<html>
<head>
<title></title>
</head>
<body>
<p>hellow everybody<?= hi;?></p>
<p>hellow everybody </p>
<p>hellow everybody </p>
</body>
</html>
3 tags are available in php:
long-form tag that <?php ?> no need to directive any configured
short_open_tag that <? ?> available if short_open_tag option in
php.ini is on
shorten tag <?= since php 5.4.0 it is always available
from php 7.0.0 asp and script tag are removed
<?php ?> are much better to use since developers of this programming language has massively updated their core-language. You can see the difference between the short tags and long tags.
Short tags will be highlighted as light red while the longer ones are highlighted darker!
However, echoing something out, for example: <?=$variable;?> is fine. But prefer the longer tags. <?php echo $variable;?>
Convert <? (without a trailing space) to <?php (with a trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\?(?!php|=|xml|mso| )/<\?php /g'
Convert <? (with a trailing space) to <?php (retaining the trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\? /<\?php /g'
No, and they're being phased out by PHP 6 so if you appreciate code longevity, simply don't use them or the <% ... %> tags.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
What does this symbol mean in PHP <?=
Reference - What does this symbol mean in PHP?
In some coding I've found, I've seen the author use <?= and ?> in his code. I'm wondering if this is some fancy PHP or another language. I'm eager to know the answer as I would love to learn off of this code. I believe it could be the Fuel PHP framework but I am not sure as there is no documentation for it. Thanks.
An example of it's use:
<?=SITEROOT?>
They are called short tags, but you should avoid using it as much as you can, because the short tags can be set to Off and then your script wont work, so use <?php tags,
http://php.net/manual/en/ini.core.php
It's just an alternate way to write the <?php ?> tags, think of it as a synonym of <?php echo SITEROOT; ?>.
I believe it is a configuration item, some servers have it turned on, others don't; so it isn't 100% portable, other then that though, it is standard php functionality
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Are PHP short tags acceptable to use?
I saw some people use
<?=
instead of
<?php echo
It does make all those
<td something><?php echo $result;?></td>
<td something><?php echo $result2;?></td>
shorter and easy to read (to me at least) but my question is: is it desirable to use this syntax? Or is it deprecated/discouraged/simply wrong?
Thanks!
Supposedly, some people have short tags disabled on their server, so this won't work.
It's best practice to use <?php echo $var; ?> instead, but some will argue that it's more readable to use short tags and that having them disabled is rare.
For best results, avoid them.
EDIT: Apparently PHP 5.4 will allow you to use <?= syntax regardless of server configuration (I was not aware). In that case, I still say - avoid it if you care about portability and different environments that may not be running 5.4, or may have short tags disabled.
<? ?> for PHP blocks is deprecated, but the PHP manual says <?= ?> is going to stick around (and from PHP 5.4 upwards, it'll be on always, even if short tags are off/removed). So, not deprecated, and common practice.
It can't be deprecated because sometimes ago it was available only with switched on short tags, but will be available always since PHP 5.4
As of me, <?= is more readable, but you (or your team) should choose your own style
<?= is known as short tags, PHP framework like CI support this and you can even add support for these in your php.ini files. That said, you should not use this tag at all. This is not so commonly encouraged and now a standard PHP tag with 5.4, using non standard tgas reduces the portability of your scripts. Time to correct my self, this is standard tag, I was stuck with 5.3 :(
This question already has answers here:
Closed 13 years ago.
Possible Duplicate:
Are PHP short tags acceptable to use?
<?php
//Some code
?>
or
<?
//Some code
?>
I know the first way is the proper way but PHP code isn't validated. So, besides it saving extra typing & bytes, does it matter?
update
Thanks for the replies...
I had no idea they were called short tags (hence why I didn't find the duplicate SO question)
I had no idea there was a specific server configuration option to allow/disallow the short tags.
Thanks again
It does, if anyone ever uses your code on a server where short tags are disabled. I work with several servers where they are. Other than that though, no. Using the short version makes your script less portable though for the above mentioned reason. This may or may not be an issue for you.
This is another issue entirely, but related. If you are trying to generate certain types of files from PHP (XML is the candidate that comes up most often for me) then having short tags can be an issue. For instance, the following causes a PHP syntax error:
<?xml version="1.0" ?>
You must instead write the following on a server that has short tags enabled:
<?php echo '<?xml version "1.0" ?>'; ?>
Gah!
If your project is likely to be deployed on different servers (open source software, for example) it is best to always use <?php
However, if you're like me, and always strive for maximum portability, use <?php even if you don't believe your software will ever leave your server. Most servers have short tags enabled.
However, if they have short tags disabled, and you use them, your PHP will be exposed to the world (if under the document root).
No difference it's just a matter of preference I think, plus why should it matter? it's just another 3 bytes.
Edit:
Forgot to say that you have to enable short hand in php.ini
the closing bracket is not compulsory
On some systems, the default option for the short_open_tags is off, so the latter doesn't work, while the former does, so it can completely break your website if you use the second. Personally, I just like to override the setting and use the second.
<? ?>
are short tags, if short tags are off it won't work.