Menu
Given the following code:
$myString = <<<script
.
.
.
script;
Thanks to the answers on the original version of this question, I understand <<< to be heredoc syntax, treated as double quotes without the need for escaping quotes.
Taking this a step further, how is this best exploited? Specifically, should this ease the strain of dealing with mixed quote strings containing code syntax?
i,e..
attribute="name-like string" attribute="property: 'value("value")';"
The thought is this may be useful (if implemented the way I am now guessing) especially when dealing with greater complexity and/or looking out for code injection. Again, looking for any scenarios where the heredoc for is particularly useful or exploitable.
880
It's Heredoc syntax: http://php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc
Its biggest virtue is that you don't have to worry about escaping quotes, since the string is not quote delimited.
133
It's called heredoc syntax:
A third way to delimit strings is the heredoc syntax: <<<. After this operator, an identifier is provided, then a newline. The string itself follows, and then the same identifier again to close the quotation.
Read more here.
42
It acts as a double qouted string, better to use double qoutes, easier to understand and easier to mantain in my eyes!
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
