php php中heredoc与nowdoc的优点/不便
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11153049/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Advantages / inconveniences of heredoc vs nowdoc in php
提问by Mathieu
As a newbie, I have been advised to preferably use heredoc compared to too many nested codes (see Unexpected T_ELSE in php code).
作为新手,与太多嵌套代码相比,我被建议最好使用 heredoc(请参阅php 代码中的意外 T_ELSE)。
But I can't manage to understand if there is a significant difference between heredoc and nowdoc.
但我无法理解 heredoc 和 nowdoc 之间是否存在显着差异。
What would be the advantages for heredoc and nowdoc compared to the other one that would be important for a newbie to understand (i.e. not very minor advantages but important to understand for me).
与对新手理解很重要的另一个相比,heredoc 和 nowdoc 的优势是什么(即不是很小的优势,但对我来说很重要)。
回答by deceze
Nowdocs are to single-quoted strings what heredocs are to double-quoted strings. A nowdoc is specified similarly to a heredoc, but no parsing is done inside a nowdoc. The construct is ideal for embedding PHP code or other large blocks of text without the need for escaping.
http://php.net/manual/en/language.types.string.php#language.types.string.syntax.nowdoc
Nowdocs 是单引号字符串,就像heredocs 是双引号字符串。nowdoc 的指定与 heredoc 类似,但在 nowdoc 中不进行解析。该构造非常适合嵌入 PHP 代码或其他大文本块而无需转义。
http://php.net/manual/en/language.types.string.php#language.types.string.syntax.nowdoc
In other words:
换句话说:
$foo = 'bar';
$here = <<<HERE
I'm here , $foo !
HERE;
$now = <<<'NOW'
I'm now , $foo !
NOW;
$hereis "I'm here , bar !", while $nowis "I'm now , $foo !".
$here是“我在这里,酒吧!” ,$now而是“我现在,$foo !” .
If you don't need variable interpolation but need special characters like $inside your string, Nowdocs are easier to use. That's all.
如果您不需要变量插值,但需要$在字符串中使用特殊字符,则 Nowdocs 更易于使用。就这样。
回答by Dhairya Lakhera
heredocs
1. heredocstext behaves just like a double-quoted string, without the double quotes.
2. Quotes in a heredocdo not need to be escaped, but the escape codes \n linefeed,
\r carriage return,
\t horizontal tab, \v vertical tab, \e escape, \f form feed, \ backslash,\$ dollar sign,\" double-quotecan still be used. Variables are expanded, but the same care must be taken when expressing complex variables inside a heredocas with strings.
heredocs
1. heredocs文本的行为就像一个双引号字符串,没有双引号。
2.一种在行情定界符并不需要转义,但转义码\ n换行,
\ r回车,\吨水平制表符,\ v垂直制表,。\ E逃逸,\ f换,\反斜杠,\ $美元符号,\"仍然可以使用双引号。变量被扩展,但在heredoc 中表达复杂变量时必须像使用字符串一样小心。
Example :
例子 :
$myname='Tikku';
$heredoc_exmaple= <<<HEREDOC
\n ,\r ,\t ,\r ,\v ,\e ,\f ,\ , \ , ,$ , $myname , ' , $myname , \" ,\'
HEREDOC;
echo $heredoc_exmaple;
//OUTPUT \n ,\r , , ,\v ,\e , ,\ , \ , ,$ , Tikku , ' , $myname , \" ,\'
nowdocs
1. nowdocstext behaves just like a single-quoted string, without the single quotes.
2. Quotes in a nowdocsdo not need to be escaped.Variables are not expanded in it.Advantage of nowdocsis embedding PHP code and escape codes without the need for escaping.
nowdocs
1. nowdocs文本就像单引号字符串一样,没有单引号。
2.在行情nowdocs不需要是escaped.Variables不是在it.Advantage扩大nowdocs被嵌入PHP代码和转义码,无需逃离。
Example :
例子 :
$myname='Tikku';
$nowdoc_exmaple= <<<'NOWDOC'
\n ,\r ,\t ,\r ,\v ,\e ,\f ,\ , \ , ,$ , $myname , ' , $myname , \" ,\'
NOWDOC;
echo $nowdoc_exmaple;
//OUTPUT \n ,\r ,\t ,\r ,\v ,\e ,\f ,\ , \ , ,$ , $myname , ' , $myname , \" ,\'
Syntax: A nowdoc is identified with the same <<< sequence used for heredocs, but the identifier which follows is enclosed in single quotes, e.g. <<<'NOWDOC'. All the rules for heredoc identifiers also apply to nowdoc identifiers, especially those regarding the appearance of the closing identifier.
语法:nowdoc 用与heredocs 相同的<<< 序列标识,但后面的标识符用单引号括起来,例如<<<'NOWDOC'。Heredoc 标识符的所有规则也适用于 nowdoc 标识符,尤其是关于结束标识符外观的规则。
回答by Kzqai
Nowdoc is great when you don't want to deal with quoting and unquoting complex strings, since it won't interpret any quotes and it won't accept variables. As such, it's well suited to manually displaying actual code snippets!
当您不想处理引用和取消引用复杂字符串时,Nowdoc 非常有用,因为它不会解释任何引号并且不会接受变量。因此,它非常适合手动显示实际代码片段!
However, if you're using a mix of heredocs and nowdocs for blocks of string content, which is an easy temptation to fall into, you could easily run into XSS (cross site scripting) problems where-ever you use heredoc! As such, this approach is just not clean enough for me to recommend to a developer starting out in php! Instead, you should be trying to use templates (of whatever kind, or whatever template engine you like), for these large blocks of information. After all, you don't want html in your php, and you -certainly- don't want user-injected javascript, like:
但是,如果您将heredocs 和nowdocs 混合用于字符串内容块,很容易陷入这种诱惑,那么无论您在何处使用heredoc,都可能很容易遇到XSS(跨站点脚本)问题!因此,这种方法不够干净,我无法向从 php 开始的开发人员推荐!相反,您应该尝试使用模板(无论哪种类型,或您喜欢的任何模板引擎)来处理这些大块信息。毕竟,您不希望在 php 中包含 html,而且您 - 当然- 不希望用户注入 javascript,例如:
$username = '<script>alert(document.cookie.toString())</script>';
$insecure_example = <<<HERE
I really like having my site exploited, $username
HERE;
So don't use HEREDOCS and NOWDOCS in the place of a proper templating approach or a templating engine.
所以不要使用 HEREDOCS 和 NOWDOCS 来代替适当的模板方法或模板引擎。
Where-ever there is an interface between languages or technologies, you have to encode. php to sql? bind. php to html? encode. http to php?
只要语言或技术之间存在接口,就必须进行编码。php转sql?绑定。php转html?编码。http转php?
