Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

PHP sprintf vs. echo

Tags:

php

echo

printf

I posted a question earlier tonight - PHP Wordpress quotes issue where some quotes were causing me some issues.

An answer was posted suggesting using echo sprintf. This looked very clean and took care of any variable & quoting issues that may occur. My question is, whats the disadvantage of using sprintf? If any?

Why do we use echo if it usually causes issues with mixing HTML and PHP. For reference this was the echoed statement:

echo "<img src='"; bloginfo('template_url'); echo "img/" . $f['mainImage'] . ".png' />";

and the echo & sprintf:

echo sprintf(
    '<img src="%s/img/%s.png" />', 
    get_bloginfo('template_url'), 
    $f['mainImage']
);
like image 539
benhowdle89 Avatar asked Apr 13 '11 22:04

benhowdle89


People also ask

Is Sprintf PHP safe?

Not in any traditional sense, as PHP's sprintf doesn't support any of the really dangerous conversions like %n . A user-controlled format string can still cause some limited havoc (consider %99999999s ), but about the worst I think it could do would be to consume memory and time. Save this answer.

Why Sprintf is used in PHP?

The sprintf() function writes a formatted string to a variable. The arg1, arg2, ++ parameters will be inserted at percent (%) signs in the main string. This function works "step-by-step". At the first % sign, arg1 is inserted, at the second % sign, arg2 is inserted, etc.

Does ECHO work in PHP?

The PHP echo StatementThe echo statement can be used with or without parentheses: echo or echo() .

What is difference between printf () and sprintf () in PHP?

The common difference between sprintf() and printf() function is that sprintf() function display the text with the help of echo, whereas printf() function does not need the echo to display the text.


1 Answers

It's not the echo statement that "causes" problems, it's the lack of information available to newcomers, so I'll try to explain them.

There are four ways of specifying a string in php:

  • Using a single quote

    $str = 'Hello World. This might be a php $variable';

    echo $str; // Outputs: Hello World. This might be a php $variable

Since the string was wrapped in single quote, php engine will not try to interpret $variable as actual variable and the contents of what you see in the quotes will be echoed.

  • Using double quote
$variable = 'random text';
$str = "Hello World. This will be interpreted as $variable";

echo $str; // Outputs: Hello World. This will be interpreted as random text

In this example, php will try to find a variable named $variable and use its contents in the string.

  • Heredoc syntax

Heredoc is useful for things such as what you wanted to do - you have a mix of variables, single quotes, double quotes and escaping all that can be a mess. Hence, good php people implemented the following syntax for us:

$str = <<<EOF
<img src="$directory/images/some_image.gif" alt='this is alt text' />
<p>Hello!</p>
EOF;

What will happen is that PHP engine will try to interpret variables (and functions, but I won't post examples on how to do that since it's available at php.net), however you wrapped the string with <<

  • Nowdoc syntax
$str = <<<'EOF'
    <p>Hello! This wants to be a $variable but it won't be interpreted as one!</p>
    EOF;

It's the same as using a single-quoted string - no variable replacements occur, and to specify something as nowdoc - simply wrap the delimiter with single quote characters as shown in the example.

If you are able to understand these four principles, problems with quotes in your string should go away :)

like image 148
N.B. Avatar answered Sep 23 '22 01:09

N.B.