How does one comment out a HTML code that has PHP in it?

Question

I have a HTML code that has PHP in it and I wanted to comment it all out.

<input type="hidden" name="returnurl" value="<?php if (!empty($link)) {echo $link;}?>">

How do I comment out both the HTML and PHP without commenting each separately?

Answer 1

Thanks to Ross Patterson, I discover that I completely misunderstood the question. So here is the new answer. I keep the old answer below, since it may still be useful for some people.

New answer

You case is easy, since there are neither PHP strings, nor comments in your code. This means that commenting this particular piece of code is as simple as:

<?php
/*
<input type="hidden" name="returnurl" value="<?php if (!empty($link)) {echo $link;}?>">
*/
?>

The problem is that you will sooner or later find yourself in a situation where this doesn't work, because the commented code contains itself comments. Imagine the following piece of code:

<div>
  You're logged in.
  <?php
  /**
   * Says "hello" to the person.
   * @param string $name The name of the person.
   */
  function SayHello($name)
  {
    echo 'Hello, ' . $name;
  }

  SayHello($personName);
  ?>
</div>

You can't possibly embed this in a single comment, since it will break on line 7.

What you can do, instead, is to use NOWDOC syntax to embed the code in a string and never use this string:

<?php
$GUID2328f09280b94c22867d831a885b57eb = <<<'GUID2328f09280b94c22867d831a885b57eb'
<div>
  You're logged in.
  <?php
  /**
   * Says "hello" to the person.
   * @param string $name The name of the person.
   */
  function SayHello($name)
  {
    echo 'Hello, ' . $name;
  }

  SayHello($personName);
  ?>
</div>
GUID2328f09280b94c22867d831a885b57eb
?>

A few remarks:

• Why do I use NOWDOC instead of a simple string?

  A simple string will break on line 5 (on “Says "hello"”). A single-quoted string will break on line 2 (on “You're”).

• Why do I use NOWDOC instead of HEREDOC?

  Because I don't want the variable names to be parsed. Parsing variables in such context would cause issues which are very difficult to find and debug, since the scope changes.

• What is this scary GUID2328…?

  I use a GUID to be sure that, firstly, the string will never terminate before the actual end, and, secondly, the string variable will never be reasonably used later in the code. I put a GUID prefix since HEREDOC/NOWDOC require the name to start by a letter, not a digit.

  If you find it ugly and stupid, feel free to use whatever syntax you want.

• It would impact the performance of the web app, right?

  Don't do premature optimization. Initializing a string can have a performance cost, but either it will be small enough to care, or maybe even PHP interpreter will be smart enough to optimize code and remove the unused string (I highly doubt it).

Note that you're not expected to comment large chunks of code in the first place. If you don't need the code, just remove it. If you think you might be need it later, let version control take care of it (you're using version control, are you?).

---

Old answer

Who are you commenting for?

• Developers? Then comment in PHP. Example:

  <?php /** The value is hidden for the moment to be backwards compatible, but the field
          * would be removed in the near future, since having this field presents a
          * security risk. See bug report 1422, http://example.com/bugs/1422 */ ?>
  <input type="hidden" name="returnurl" value="<?php if (!empty($link)) {echo $link;}?>">
  

  Remember that HTML comments are displayed publicly. Putting a comment such as in the example above is a gift for a hacker.

• Users? Then comment in HTML. Example:

  <!-- If `returnurl` is null or empty, the client would be redirected to the home page
       of the website. -->
  <input type="hidden" name="returnurl" value="<?php if (!empty($link)) {echo $link;}?>">
  

  Here, the intention is to tell something useful to the users who will for example screen scrap your website or do something which manipulates HTML (the only valid example I would see is that doing a real API is too expensive for you, so you're authorizing and inviting the users to parse HTML code directly).

Remember that:

1. HTML comments can be seen by everyone,

2. HTML comments are sent to the client, increasing the usage of the bandwidth. Note: in most cases, you don't care; it's not a few additional bytes which will affect the performance of your website, unless you're working on Google homepage.

Answer 2

As your example is written you can't comment both out without commenting them separately.

You can do it all at once if you make PHP print the html as well as the values. Such as:

<?php 
     print '<input type="hidden" name="returnurl" value="';
     if (!empty($link)) {echo $link;}
     print '">';
?>

Of course there are better ways to write this of course, but now you can just do this:

<?php /*
     print '<input type="hidden" name="returnurl" value="';
     if (!empty($link)) {echo $link;}
     print '">';
     */
?>

PHP is processed into HTML and then sent to the client requesting the page. That client then processes the HTML. So PHP comments are only seen by the PHP processor and the HTML comments are not touched by the PHP processor, but the browser (client) will recognize the HTML comments are skip over them accordingly.

Hope this helps.