20

Let's say my string is:

$str = "abcdefg foo() hijklmopqrst";

How do I let PHP call the function foo() and insert the returning string to the rest of that string?

Valerio Bozz
  • 1,176
  • 16
  • 32
lovespring
  • 19,051
  • 42
  • 103
  • 153

7 Answers7

31

If you're calling a method of some class, you can use normal variable expansion. For example:

<?php
class thingie {

  public function sayHello() {
    return "hello";
  }

}

$t = new thingie();
echo "thingie says: {$t->sayHello()}";

This will output:

thingie says: hello

Note that the braces around the call are required.

HonoredMule
  • 719
  • 11
  • 21
  • 3
    But it seems calling a global function this way, won't work – Opux Oct 31 '16 at 16:57
  • By wrapping the global functions you want to support in an object of methods, you can control the footprint of exposure to bugs and security leaks. I think you'd be hard-pressed to find an easier way to /safely/ offer such power. Your wrapper methods can even perform additional validation/restriction if needed. – HonoredMule Jun 27 '18 at 13:57
24

Just use this:

$str = "abcdefg".foo()."hijklmnopqrstuvwxyz";

It will call function during string creation.

Frederick Marcoux
  • 2,195
  • 1
  • 26
  • 57
20
function foo()
{
    return 'Hi';
}
$my_foo = 'foo';
echo "{$my_foo()}";
v.babak
  • 818
  • 11
  • 13
  • 3
    This is a great "trick." You can even pass parameters or other variables to it, ie. `echo "{$my_foo('bar')}"` or `echo "{$my_foo($bar)}"` - especially useful when building SQL queries with many escaped values. – Nick D May 24 '17 at 21:17
9
$str="abcdefg foo() hijklmopqrst";
function foo() {return "bar";}

$replaced = preg_replace_callback("~([a-z]+)\(\)~", 
     function ($m){
          return $m[1]();
     }, $str);

output: 

$replaced == 'abcdefg bar hijklmopqrst';

This will allow any lower-case letters as function name. If you need any other symbols, add them to the pattern, i.e. [a-zA-Z_].

Be VERY careful which functions you allow to be called. You should at least check if $m[1] contains a whitelisted function to not allow remote code injection attacks. 

$allowedFunctions = array("foo", "bar" /*, ...*/);

$replaced = preg_replace_callback("~([a-z]+)\(\)~", 
     function ($m) use ($allowedFunctions) {
          if (!in_array($m[1], $allowedFunctions))
              return $m[0]; // Don't replace and maybe add some errors.

          return $m[1]();
     }, $str);

Testrun on "abcdefg foo() bat() hijklmopqrst" outputs "abcdefg bar bat() hijklmopqrst".

Optimisation for whitelisting approach (building pattern dynamically from allowed function names, i.e. (foo|bar).

$allowedFunctions = array("foo", "bar");

$replaced = preg_replace_callback("~(".implode("|",$allowedFunctions).")\(\)~", 
     function ($m) {
          return $m[1]();
     }, $str);
Basti
  • 3,998
  • 1
  • 18
  • 21
8
$foo = foo();
$str = "abcdefg {$foo} hijklmopqrst";
savinger
  • 6,544
  • 9
  • 40
  • 57
7

Short answer

No. There is no native construct to do exactly that.

A simple concatenation may be better. Maybe uglier but more efficient for the PHP parser.

Long answer

Well. Yes.

If you really need to get arbitrary expressions being evaluated from a double-quoted string, you can implement this workaround, speculating on a feature called variable-functions:

<?php
/**
 * The hack
 *
 * @param $v mixed Value
 * return mixed Value (untouched)
 */
$GLOBALS['_'] = function ( $v ) {
    return $v;
};

// Happy hacking
echo "Today is {$_( date( 'Y-m-d' ) )} and the max function returns {$_( max( 1, 2, 3 ) )}...{$_( str_repeat( ' arrh', 3 ) )}!";

Result:

Today is 2018-02-07 and the max function returns 3... arrh arrh arrh!

The example is not limited to date(), max() and str_repeat(): you can surely define your own functions like foo() and just call them, as long as they return a valid string.

In short this example creates a simple variable. It has a very short name: just an underscore. So, the variable is really called $_. This variable, to be honest, it's a function and, to be honest, it just returns what you express in the first argument. This is syntax sugar for you, since functions are not easily expanded as-is inside a string. Instead, variables are expanded easily. That's it.

I wonder if PHP will ever introduce a native feature to do that (note: I've written this note in 2018).

Limitations

Note that, even in this way, the functions are expanded when you define the string. I really cannot guess your needs, but if you need to expand the function later, and not during string definition, you probably need to adopt something more advanced, like a parser. There are many, especially suitable for text templates. But that is outside the scope of this answer I guess.

Feel free to comment / suggest other approaches to expand functions inside a string or just improve your question to share more context about your need.

References:

Valerio Bozz
  • 1,176
  • 16
  • 32
  • long answer: definitely NO (but you can use some obfuscated hack). Please note, this solution won't work if the interpolated string is inside a function. You would have to use $GLOBALS['\_'] or global $\_; what is a huge pain. – goteguru Sep 01 '23 at 09:47
4

Its still not possible, There are hacks available but not what I would recommend rather suggest to stick with old school dot operator i.e. $str="abcdefg ". foo() ." hijklmopqrst";

As per the Complex (curly) syntax documentation

Note:
Functions, method calls, static class variables, and class constants inside {$} work since PHP 5. However, the value accessed will be interpreted as the name of a variable in the scope in which the string is defined. Using single curly braces ({}) will not work for accessing the return values of functions or methods or the values of class constants or static class variables.

Mubashar
  • 12,300
  • 11
  • 66
  • 95