Le 18/03/2022 à 15:02, Chase Peeler a écrit :
On Fri, Mar 18, 2022 at 12:49 AM Theodore Brown <theodor...@outlook.com>
wrote:
On Thu, Mar 17, 2022 at 5:40 PM Tobias Nyholm <tobias.nyh...@gmail.com>
wrote:
On Thu, 17 Mar 2022, 23:27 Ilija Tovilo, <tovilo.il...@gmail.com> wrote:
Hi everyone
I'd like to start discussion on a new RFC for arbitrary string
interpolation.
https://wiki.php.net/rfc/arbitrary_string_interpolation
Let me know what you think.
That is a cool idea.
But I am not a big fan of having code in strings.
Wouldn’t this open the door to all kinds of new attacks?
Do you have an example of a new kind of attack this would allow?
The proposal doesn't enable interpolation of strings coming from
a database or user input - it only applies to string literals
directly in PHP code.
Personally I'm really looking forward to having this functionality.
Just a couple days ago I wanted to call a function in an interpolated
string, and it was really annoying to have to wrap the function in a
closure in order to use it.
If this RFC is accepted I'd be able to replace code like this:
$name = "Theodore Brown";
$strlen = fn(string $string): int => strlen($string);
echo "{$name} has a length of {$strlen($name)}.";
with
$name = "Theodore Brown";
echo "{$name} has a length of {$:strlen($name)}.";
Out of curiosity, why not:
$name = "Theodore Brown";
echo "{$name} has a length of ".strlen($name).".";
or even
$name = "Theodore Brown";
$len = strlen($name);
echo "{$name} has a length of {$len}.";
I guess it's a matter of taste and convention.
Sometime, it make sense and it's just easier to just use string
interpolation (for example with multiline templates).
Regards,
--
Pierre
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
