What is <<<_END? - php

I'm new to PHP and don't understand what the point of <<<_END is. Could someone please explain when this should be used? I've looked at various examples and they all seem to have HTML embedded within them. But I can use HTML without the <<<_END tags, so why should I use them? I tried searching the manual, but I keep finding the end() method for arrays.

It's the start of a heredoc. you can do:
$data = <<< _END
You can write anything you want in between the start and end
_END;
_END can be just about anything. You could put EOF or STUFF. as long as you use the same thing at the start and the finish.

This signifies the beginning of a heredoc (a multi-line string that allows you to use quotation marks in the middle, unescaped) that ends when you encounter the _END
It can be useful to define HTML in one of these if the goal is to assign it to a variable or pass it to a function rather than printing it to the web server immediately.

That syntax is called heredoc
<<<_END
some text
_END
Basically, it's a way of writing a string without worrying about escaping quotes and so on.
As you've mentioned, it doesn't really provide a lot of benefit over other string formats - although, it does mean you can write a block of HTML without escaping out of PHP with ?>
It also isn't too popular as its use generally goes against the practice of seperating content from logic by embedding the content in the middle of your script.

Does this help? http://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc
It allows you to echo out a block of text (just the same as with echo "words";), but without using the beginning/ending quotes, and without having to escape contained double quotes. Read the manual link above for more detail.

It's a heredoc. It's just a way of defining a string.

Related

PHP echo returning blank value

So I am trying to link using data I got from a function but it keeps giving me a blank value for ID. Here's my code for what I'm trying to print
<h3 style="text-align: center;">Seller: <?php $sellername =
getNameFromListingID(); $id = getIDByUsername($sellername); echo "".$sellername."";?></h3>
The functions work properly, I have tried printing both of them and it works. They're in a file called getinfo.php, which I have
Include 'getinfo.php';
At the top of my document.
The link with the name works but I always get seller.php?id=, with no value after. Any clue as to why?
You're ending the href attribute too early.
<a href=\"seller.php?id=".$id."\">
This will put the $id inside the href attribute, where it belongs.
Use single quotes in PHP, it's a good practice to get into, and it's also slightly (a teeny tiny bit) faster for PHP to process. Why? Because, when you use double quotes, you're telling PHP that your string contains variables that may need to be evaluated.
So in truth, you don't even need the quotes around variables here.
echo "$sellername";
But doing it like this would be following a best practice.
And now you don't need to escape \" double quotes that HTML uses.
echo ''.$sellername.'';
Caution: It's also a very good idea to escape special characters in anything you're outputting into HTML markup. That avoids the potential for an XSS vulnerability. See: htmlspecialchars()
echo ''.htmlspecialchars($sellername).'';

Is it safe to concatenate a double quoted to a single quoted string?

Are there any issues I should be aware of when doing the following:
$table_html = ' <td id="unescaped-double-quotes-yay">Some stuff</td>' . "\n";
I do not like escaping double quotes withing HTML and I can't stand using single quotes in HTML, my solution is what I have above. Am I going to run into any issues with this practice?
You MUST escape strings that comes from DB or from the user because they could easily break you concatenation if the unexpected kind of quote is present in that string (not to mention that you MUST cleanse anything that comes from the user for minimal security).
Other than that you can concatenate strings any way you like. Still, life will always be easier if you manage to use them cosistently the same way.
I have done this many times on client sites (have since found better alternatives), you are 100% fine.
Are you aware of the following representation:
$table_html = <<<HTML
<td id="unescaped-double-quotes-yay">
Some stuff, and i can use normal newlines here
</td>
HTML;
It is called "heredoc", and you must keep in mind that the final string must be equivalent to the opening one, and must be the only thing on the line (no spaces or even comments are allowed).
You must also terminate the last line with the newline, even if it is the last line in the file.
To read more about it click here

What is the difference between EOT and HTML? in PHP

I've seen some people using this code.
echo <<< EOT
Hi <br>
EOT;
and
echo <<< HTML
Hello<br>
HTML;
What's the difference of those two? and why would not they use the normal echo? like
echo "How are you<br>"?
Nothing, it's just a delimiter for the HEREDOC syntax. The only benefit of using HEREDOC is you can keep indents and structure of your string in the source code. It tends to be nicer to work with than concatenated strings - for your example Hi <br>, there is no good reason to use HEREDOC.
why would not they use the normal echo?
Using heredoc for this very example makes no sense.
And it's indeed to use echo to print out single text line.
So, nobody is using heredoc for this.
Also, in echoing large text blocks heredoc is useless again, as one have to just close PHP tag and write the text as is.
The only use of heredoc is when you need to store a large block of text in a variable.
$var = <<< HERE
Hello %s!
Please follow this link %s to continue registration.
HERE;
May be very very very late to comment but, in context of today's IDEs: When you use HEREDOCS the identifiers provide a hint as to what kind of information is being stored
Say <<<SQL the IDE's syntax highlighter may use the SQL identifier for highlighting the contents of the string as an SQL Query. <<<HTML for HTML highlighting ... and so forth.

Disadvantages of using EOF?

I've seen HTML nested within a PHP page written in so many ways... some of which are demonstrated in this page:
http://austingulati.com/2010/01/many-ways-to-integrate-html-into-php/
But... I very rarely see HTML and PHP written in unison as follows:
echo <<<EOF
<h1>Welcome</h1>
<p>Hello</p>
<p>{$somePHPVariable}</p>
EOF;
Question:
Is there a fundamental issue with using the EOF approach that I should be aware of?
Heredocs are wonderful if you're building HTML and need to embed variables.
They honor the linebreaks/spacing you embed within them (even if the browser doesn't display that) so it's MUCH easier to build nicely formatted HTML, and also relieve you of the need to escape quotes while building the strings:
e.g. compare
print("<div class=\"this\">\n\tblah blah\n\t\t<span class=\"that\">blah</span>\n</div>");
v.s.
echo <<<EOL
<div class="this">
blah blah
<span class="that"</span>
</div>
EOL;
They can also be used in concatenation operations, eg.
$x = "hello";
$x .= <<<EOL
there, how
EOL
$x .= <<<EOL
are you?
EOL;
will eventually give $x the value hello there, how are you?. Basically consider the heredoc syntax to be a VERY fancy version of double-quoted strings, with none of the drawbacks. The only restriction is that the heredoc's sentinal value must be on a line by itself, so there's no way to make a "one line" heredoc.
This is called heredoc syntax (the "EOF" can be any identifier, not just "EOF"). It's a little more finicky than the other string syntaxes, and it can be a little confusing to folks who haven't encountered it before. Perfectly fine to use, though.
Heredoc syntax is actually great! It is very useful for situations where you have data with lots of single quotes and double quotes.
I've gone into some of the details of it before here:
Quoting quotation marks
One of the downsides to it I find is that it does tend to disable syntax highlighting in editors because the editor views it as one big string and therefore won't properly highlight html inside.
Another downside is not being able to directly call functions from within heredoc syntax. There are workarounds and a few of them are mentioned here: Calling PHP functions within HEREDOC strings

PHP - Comments inside <?php echo <<<EOF

How do I comment out if I use this syntax?:
<?php
echo <<<EOF
Is it //Comment or <!-- Comment --> or something else?
EOF;
?>
I'm a little bit confused.
Thank you
You can't. The point of HEREDOC is that anything inside it will be part of the string. It exists to avoid having PHP meta characters (including comments) treated as such. Anything you put inside it will appear in the string (and thus, in this instance, be echoed to wherever the output is directed).
If the output is HTML, then you could include an HTML comment in it. That will still appear in the output, but anything parsing the HTML will treat it as a comment. Likewise, if the content is JS then you can use a JS comment, and so on.
You can't use a comment inside the heredoc syntax.
http://en.wikipedia.org/wiki/Here_document
It's a way to specify a literal string, literally.
Everything between the heredoc delimiters is interpreted literally, and that's the point of the heredoc syntax. Any HTML comments will be outputted as well, and PHP doesn't care that the browser will omit them.
It depends on the type of output you are echoing to. If you're echoing that data to an HTML page, you can use the <!-- --> syntax and the browser will see that as a comment. If you're outputting to a plaintext file, everything within the heredoc will be output (in truth, everything will be output when writing HTML as well, just the browser will interpret the HTML comment).
When I'm using heredoc syntax and need to comment the information inside, I typically use a (PHP-style) comment before the heredoc and reference any specific lines within by their line number, relative to the heredoc:
/* Write out default INI file.
* L002: Log level. Possible values: debug,info,warning,error.
*/
echo <<<EOF
[global]
logging = error
...
EOF
Hope that helps.
To my knowledge you can't put comments inside the HEREDOC block.
According to PHP documentation at http://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc "Heredoc text behaves just like a double-quoted string, without the double quotes.".. and you can't put comments inside a double-quoted string.
Actually, there is a circuitous way of commenting inside an echo.
You can use the following syntax
<?php
'.(/*comment here*/ NULL).'
This line will be read as inner php and can contain comments. NULL has to be included because everything inside the inner php requires a value. NULL is the most convenient choice, since you dont actually want a value, just a comment.
Actually, you cannot use PHP comments in the middle of the string (neither in double quoted nor in single quoted nor heredoc strings). They will be shown literally.
In some rare cases it may be useful to simulate comments and strip them later from the string. For instance it could be useful if you are creating some kind of template engine. But certainly in most cases you should not do this, as it's bad practice.
You can build up your string using "\r\n" (using double quotes for the line breaks) and put the comments on the same line after the string, e.g.
echo "line1\r\nline2"; //this outputs two lines

Categories