8

Given the following code:

$myString = <<<script
   .
   .
   .
 script;

Thanks to the answers on the original version of this question, I understand <<< to be heredoc syntax, treated as double quotes without the need for escaping quotes.

Taking this a step further, how is this best exploited? Specifically, should this ease the strain of dealing with mixed quote strings containing code syntax?

i.e.:

attribute="name-like string" attribute="property: 'value("value")';"

The thought is this may be useful (if implemented the way I am now guessing) especially when dealing with greater complexity and/or looking out for code injection. Again, looking for any scenarios where the heredoc form is particularly useful or exploitable.

3 Answers

9

It's Heredoc syntax: http://php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc

Its biggest virtue is that you don't have to worry about escaping quotes, since the string is not quote delimited.

deceze
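An added example (not part of the original question or answers) tying the quoting behaviour described above to the injection concern raised in the question: heredoc interpolates variables just like a double-quoted string and does not encode them, while nowdoc (`<<<'ID'`) does not interpolate at all. The function names and the sample value are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample value standing in for untrusted input.
$untrusted = 'Bob" data-extra="injected';

// Heredoc: single and double quotes in the body need no escaping, but
// $variables are still interpolated, so the value lands in the markup as-is.
function renderRaw(string $name): string
{
    return <<<HTML
<span title="$name" data-font="'Courier New'" data-msg='say "hi"'>ok</span>
HTML;
}

// Same template, with the value encoded for an HTML attribute context first.
// ENT_QUOTES covers both quote styles used as attribute delimiters.
function renderEncoded(string $name): string
{
    $safe = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return <<<HTML
<span title="$safe" data-font="'Courier New'" data-msg='say "hi"'>ok</span>
HTML;
}

// Nowdoc (quoted identifier): behaves like a single-quoted string, so
// "$name" stays literal text. Useful for fixed blocks of JavaScript or CSS
// that contain dollar signs and must never pick up PHP variables.
function renderLiteral(): string
{
    return <<<'HTML'
<span title="$name" data-msg='say "hi"'>ok</span>
HTML;
}

echo "raw:     ", renderRaw($untrusted), PHP_EOL;
echo "encoded: ", renderEncoded($untrusted), PHP_EOL;
echo "nowdoc:  ", renderLiteral(), PHP_EOL;
```

Comparing the first two output lines shows that the heredoc only removes the need to escape quotes in the template itself; the attribute boundary is preserved only when the interpolated value is encoded for its output context.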
3

It's called heredoc syntax:

A third way to delimit strings is the heredoc syntax: <<<. After this operator, an identifier is provided, then a newline. The string itself follows, and then the same identifier again to close the quotation.

Read more here.

Demian Brecht
2

It acts as a double quoted string, better to use double quotes, easier to understand and easier to maintain in my eyes!

Version1
  • Niice.. It looked like a bitwise shift to me but figured it wasn't due to the extra "<". You learn something new every day! – locrizak Apr 19 '11 at 02:28
  • Indeed, but I find it easier to keep to one rule where I can, it makes it a lot easier to write clean code, even though in some cases it can be useful, but it comes few and far between :) – Version1 Apr 19 '11 at 02:31
  • I hear ya, consistency is the best. – locrizak Apr 19 '11 at 02:35
  • 2
    heartily agree. thankfully this isn't *my* code =) I admit though, not escaping quotes in web code..seems like it could be pretty useful with strings of javascript and the like. Looking at this code, I don't think it was a bad practice as a search for << – That Realty Programmer Guy Apr 19 '11 at 03:54
  • The Heredoc differs from double quoted strings in that you don't need to escape double quotes. And which variant is “better to use” is highly debatable. – feeela Jul 18 '16 at 12:22