Hello house,
I have always written my codes using curly bracket to join variables as it makes it simple and easy for me but am thinking it my be removed or give issues in future versions of php.
example.
$data = "This is where you show {$_POST['road']} and is better to {$_POST['read']} and click <a href='{$_POST['linkway']}'>HERE</a>
If am to write it using concatenation it will look confusing example.
$data = "This is where you show $_POST['road']". and is better to".$_POST['read'] and click <a href='".$_POST['linkway'].">HERE</a>
Please which among the two ways is better, secured to use and can stay to many newer version of php?
Thanks
Putting php variables inside of a double-quoted string isn’t going to be removed.
A fun fact: when php parses your first example, the byte-code it produces is exactly the same as your second example (you are missing some " and . in it BTW.)
Security is up to the context the values are being used in.
thats just why i prefer the first one, it makes code neat and understandable especially when you have to do with double quotes and single quotes in one line
In this context, I would be careful about $_POST data directly in a string. Though it depends upon what happens to that string. If it were to be printed to a web page I would probably want to run htmlspecialchars() on it.
Though that may be done to the string post concatenation.
I avoid putting text in full quotes as the string will be parsed and there is no need to have php do that. I put text in single quotes and variables without or outside quotes.
$data = 'This is where you show '.$_POST['road'].' and is better to '.$_POST['read'].' and click <a href="'.$_POST['linkway'].'">HERE</a>';
BUT I would not write a string with $_POST variables in them as they are not always set. I mean why write coding that can throw errors? If $_POST variables are to echoed to the screen then I set variables to be used that can be echoed regardless of $_POST state.
I think am the only one over using !empty() for all my variables including post variables and data from database query, even if i knew the column was there. but at some point I begin to feel am giving the server alot to deal with in the if statement but it does help me out or unnecessary variable not defined errors.
I always write like you instructed but in the example i wrote above i did it just for the sake of concatenation question i asked.
And thanks for confirming nothing wrong with checking my variables using to know if set or not.