What is Greedy Token Parsing in PHP? I was reading a PHP coding guide which said the following...
"Always use single quoted strings unless you need variables parsed, and in cases where you do need variables parsed, use braces to prevent greedy token parsing. You may also use double-quoted strings if the string contains single quotes, so you do not have to use escape characters."
Is this using curly braces around my variables some sort of security process to rule out hacking? (E.g. {$var}) Is greedy token parsing some sort of attack that hackers can use, like SQL injection or XSS (Cross Site Scriptiong
Suppose you want the character "a" to immediately follow the value contained in variable $var
. If you write "$vara", that's not going to work because you don't have a variable $vara
. The parser is greedy--it assumes that everything following $
should be included if it's legal syntax to include it. "${var}a" prevents that.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With