I really cannot understand where is the danger of "executing a system call"!
What is the difference between these two cases:
1) Evaluate an expression, assign it to a temporary variable and then print
it into an heredoc string.
2) Evaluate the expression directly INSIDE the heredoc string.
Let me explain it again.
Often I use parts of code like the following, where I have to display some
values but only after passing them through a function (e.g. to escape them).
Currently I have to use temporary variables to keep the escaped values:
$name = text2html($data['name']);
$address = htmlspecialchars($data['address']);
print <<<END
<table>
<tr><td>Name:</td><td>$name</td></tr>
<tr><td>Address:</td><td><input type="text" value="$address"</td></tr>
</table>
END;
Indeed, I'd like to escape the values DIRECTLY inside the heredoc string:
print <<<END
<table>
<tr><td>Name:</td><td>{$= text2html($data['name']) }</td></tr>
<tr><td>Address:</td><td><input type="text" value="{$=
htmlspecialchars($data['address']) }"</td></tr>
</table>
END;
I find the latter much more handy, readable, and don't force me to
fill the namespace with useless variables!
I don't think it should be difficult to implement this syntax.
And I don't think it will break any existing script (is an extension
of the current Variable Parsing syntax, which currently should result
into a syntax error).
Bye.
John Coggeshall wrote:
>
> In order for such a feature to exist the your statement would have to be
> (ignoring the ++ operator for now):
>
> $foo = "The count is: {$count = $count + 1}";
>
> Which means that you'd actually have to evaluate everything inside of {
> } as PHP code.. Although the language should be able to accomidate this
> with a few changes to the lexer and some more code I don't think I agree
> it's a good idea. Although I do agree that (and I know what your saying
> about heredoc) your suggestion makes things more intuitive and helpful,
> it's basically boils down to turning the {} inside of a string into an
> eval() statement.. And that I don't agree with:
>
> <?php
>
> // assume $count['a'] has the following value from a form or
> something...
>
> $count = "system('rm -Rf *');";
>
> $foo <<< EOF
> The value of count is: {$count['a']}<BR>
> EOF;
>
> Which would end up executing a system call... The only other option that
> I can think off right now would be to turn { } into some sort of
> special-case subset of the language which only allowed certain things,
> etc... And that is really much more of a headache that it's worth.
>
> John
>
>
> >-----Original Message-----
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> >Sent: Sunday, January 05, 2003 1:45 PM
> >To: [EMAIL PROTECTED]
> >Subject: [PHP-DEV] Generic expressions interpolation in strings
> >
> >
> >I already opened a bug (#21433) about this Feature Request,
> >but I realized it is better to discuss here about it.
> >
> >
> >I'm relatively new to PHP. Previously I used to program a lot
> >in Perl. What I really lack in PHP is Perl's ability to
> >interpolate any expression inside a string. For example:
> >
> >Perl: "Next value is @{[ $value + 1 ]}!"
> >PHP: "Next value is " . $value + 1 . "!"
> >
> >In this simple case it's not a great problem, but it becomes
> >more awkward when using the heredoc operator. In this cases
> >I'm often forced to use temporary variables:
> >
> >$tempvar = $value + 1;
> >print <<< END
> >Here it is the next value
> >$tempvar
> >Other text...
> >END;
> >
> >
> >I propose to extend the Variable Parsing syntax to evaluate
> >ANY expression instead of variables only. I propose the
> >following syntax:
> >
> >print <<< END
> >Here it is the next value
> >{$= $value + 1 }
> >Other text...
> >END;
> >
> >Using "{=" would be more readable but it would cause too many
> >backward compatibility problems...
> >
> >
> >What do you think of this?
> >
> >
> >Thanks.
--
___________________________________________________
__
|- [EMAIL PROTECTED]
|ederico Giannici http://www.neomedia.it
___________________________________________________
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
