It's recommended that one should not put a PHP closing tag at the end of the file to avoid all sorts of untoward error. But is there any circumstances when PHP tag closing is needed?
A closing tag is needed if you want to switch from the PHP code block to the plain text output.
Here’s an example:
<?php
// PHP code block
?>
<!-- plain text output and not processed by PHP -->
</body>
BTW if you want to know what error you are preventing by skipping the closing tag. Since Zend's explanation doesn't go into detail.
It is not required by PHP, and omitting it prevents the accidental injection of trailing white space into the response.
This means that if you want to use header() to redirect some person to some other location or change the HTTP header in any way... then you can't and will get an error if some file ends like this.
}
?>
//space here
Because then this space will be outputted to the site as content and then you can't modify the headers.
This is my personal "rule":
File with only php code: Never end tag
File with php mixed with something else (I.e. HTML): Always end tag
It's only needed when you want to output non-php code after your php block.
When you are not just using PHP in the script :-)
As a general rule, I always add the closing tag, because it's the only time all day that my question-mark finger gets exercise. That poor question mark gets no love in PHP ;-)
But seriously, adding the closing tag when it's not required can actually lead to really confusing errors. I pulled my hair out all afternoon once because of this. The trouble is usually because there's spaces after the closing tag that you can't easily see, but they get interpreted as part of a response body. This is bad news if you're including this file inside another script that wants to send a custom header later on. You can't send header information after a script has started sending the response body, so these little invisible spaces result in the script failing.
Related
This question already has answers here:
Why would one omit the close tag?
(14 answers)
Closed 8 years ago.
In some scripts I see that they omit writing a closing tag ?> for the script. Why is it and should I do this as well?
(I'm sure they have not forgotten it.)
Well, omitting the closing tag is just one solution for avoiding blanks and other characters at the end of file. For example any char which is accidentally added behind the closing tag would trigger an error when trying to modify header info later.
Removing the closing tag is kind of "good practice" referring to many coding guidelines.
From PHP: Instruction Separation
The closing tag of a PHP block at the end of a file is optional, and in some cases omitting it is helpful when using include() or require(), so unwanted whitespace will not occur at the end of files, and you will still be able to add headers to the response later. It is also handy if you use output buffering, and would not like to see added unwanted whitespace at the end of the parts generated by the included files.
php.net on PHP tags:
If a file is pure PHP code, it is preferable to omit the PHP closing
tag at the end of the file. This prevents accidental whitespace or new
lines being added after the PHP closing tag, which may cause unwanted
effects because PHP will start output buffering when there is no
intention from the programmer to send any output at that point in the
script.
They do it to avoid risking to have whitespaces after the closing tag which may stop headers to work.
This is, of course, true for PHP-only files.
CodeIgniter Framework suggests to omit closing tags for
"... can cause unwanted output, PHP errors or blank pages".
You can read it here.
Modern versions of PHP set the output_buffering flag in php.ini. If output buffering is enabled, you can set HTTP headers and cookies after outputting HTML, because the returned code is not sent to the browser immediately.
Are the examples still valid in this context?
It shows unwanted white space / blank page. HTTP headers do not work for those unwanted whitespace.
Most JavaScript injection is made at the end of the file. It will show an error message and breaks the code, injected JavaScript code does not get executed.
In pretty much every PHP page I have in netbeans, the end of the file usually ends with a closing PHP tag, ?>
If this tag is ever at the very end of the document, NetBeans shows a hint saying
Unnecessary Closing Delimiter
This doesn't seem to follow the general rule of closing tags throughout the rest of the document, why is it not needed at the end, and why does leaving it out not cause an 'Unexpected end of file' error?
Only exit PHP mode if you want to output something to the browser after the end of the script. Eg:
<?php
do_something_function();
?>
<div> this is HTML </div>
If you don't intend to send anything else to the browser, closing ?> leaves open the possibility that you send some whitespace anyway, which could have some unintended effects. Eg. If the user wants to download a secret message, your script might be:
<?php
//set headers for content type and size
//send message
echo $encrypted_msg;
?>
(<< there is unintended white-space here)
Because you are sending some white-space after the closing ?>, what the browser will receive is not what's expected. The message is probably corrupt and decryption will fail.
Another, perhaps more typical example. Suppose your front end code makes an ajax request to the php script and expects to receive JSON encoded info. Here is the script:
<?php
header('Content-type: application/json');
echo json_encode(['name'=>'Dana']);
?>
(<< white-space)
In Firefox, the whitespace at the end will case a 400 Bad Request error because it turns the server response into badly formed JSON.
A much harder to fix problem can occur if the white-space is not in the file you're actively writing, but in another included file. Consider this situation:
main.php
<?php
include 'value.php';
setcookie('pref_language', 'english'); //to remember user's preference
echo $value;
value.php
<?php
$value = 'Hi, this is value.php';
?>
(<< white-space)
Even though the file you're coding (main.php) is well written, the code will fail because cookies and headers must be set before anything is sent to the browser and unfortunately, value.php is emitting white-space. This kind of error can be a nightmare to deal with if you have large programs that include many scripts.
From the manual: (credit to #chris85 for finding this so fast)
The closing tag of a PHP block at the end of a file is optional, and
in some cases omitting it is helpful when using include or require, so
unwanted whitespace will not occur at the end of files, and you will
still be able to add headers to the response later.
Not using a closing tag in files that are included seem to work fine for me. Yet, in the PHP.net manual for the include statement it says:
When a file is included, parsing drops out of PHP mode and into HTML
mode at the beginning of the target file, and resumes again at the
end. For this reason, any code inside the target file which should be
executed as PHP code must be enclosed within valid PHP start and end
tags.
This seems to indicate that I should be using closing tags on such files.
Yet, the following information in the PHP.net manual for instruction separation seems to contradict this:
The closing tag of a PHP block at the end of a file is optional, and
in some cases omitting it is helpful when using include or require, so
unwanted whitespace will not occur at the end of files, and you will
still be able to add headers to the response later. It is also handy
if you use output buffering, and would not like to see added unwanted
whitespace at the end of the parts generated by the included files.
Is there a contradiction here or am I misunderstanding something? If I am misunderstanding something, what am I misunderstanding?
what PHP is telling you is that when you have and html archive you have to use enclosing php tags to use php, and the second paragraph, tells you that when using a php file, it is optional to close the php tags, because there may be more files running and the last of them may have the closing tag, because if you close the php tag when you are in a php file, you can break the following files because php execution may end unexpectedly
This question already has answers here:
Why would one omit the close tag?
(14 answers)
Closed 8 years ago.
OK, I hate doing something for no reason, especially if it appears to be the stupidest thing I've ever seen, so here goes:
I'm encountering a codebase where the PHP files start with <?php, but don't end with ?>
I have not seen any documentation on why, but apparently this has something to do with "security".
Can someone enlighten me as to why I would break with common sense and leave out the closing PHP tag at the bottom of a file?
The documentation states:
If a file is pure PHP code, it is preferable to omit the PHP closing tag at the end of the file. This prevents accidental whitespace or new lines being added after the PHP closing tag, which may cause unwanted effects because PHP will start output buffering when there is no intention from the programmer to send any output at that point in the script.
It has nothing to do with "security". It has something to do with functions whose behaviour depends on whether output has already been sent to the client or not. The best example is the function header(). It is meant for manipulating the HTTP response headers. This function will work only before any output has been send - as in HTTP there headers cannot being sent after the body.
Let's get back to the nature of PHP. It is a scripting language which can be embedded into other documents, like HTML:
<html>
<head><title><?php echo $title; ?></title></head>
<body><?php echo $body; ?></body>
</html>
When embedded into other documents PHP's output will be inserted into the document, leaving the original document as-is, meaning just sending it's literal content to the client.
When you have a class file, for example:
<?php
class Foo {
}
?><whitespace>...
<newline>
<newline>
... you are closing the PHP tag and have two forgotten spaces and new lines in the file. PHP would send those spaces and new lines to the client, meaning a function like header() wouldn't work anymore. This simply a text document with embedded PHP code. (Unlike source code files in other languages). PHP will replace the part between the <?php ?> and send the results + remaining parts of the file to the client.
If you omit the closing PHP tag in this case, the PHP parser would just ignore the spaces and newlines because they don't contain code.
According to php.net reason behind avoiding ending php tag is:
"If a file is pure PHP code, it is preferable to omit the PHP closing tag at the end of the file. This prevents accidental whitespace or new lines being added after the PHP closing tag, which may cause unwanted effects because PHP will start output buffering when there is no intention from the programmer to send any output at that point in the script."
<!DOCTYPE html>
This is the code.
How can I fix that?
I tested the HTML/CSS/JavaScript before integrating the code with Laravel.
Make sure your PHP files don't have the closing tags (?>). They might add whitespace to your HTML.
For more info, see the PHP docs:
If a file is pure PHP code, it is preferable to omit the PHP closing tag at the end of the file. This prevents accidental whitespace or new lines being added after the PHP closing tag, which may cause unwanted effects because PHP will start output buffering when there is no intention from the programmer to send any output at that point in the script.
You might also want to take a look at this post: Why would one omit the close tag?
I know this is few years late but for other people.
change the page encoding to UTF-8 without BOM and it will be solved.