Daniel Beardsley wrote on 21/03/2016 06:35:
You are right. Though not all those problems are serious:
* URI escaping:
   Does anyone really use <?= ?> or echo when generating a uri?
* Javascript:
   Good point, though I would say it's fairly rare to create javascript
   code using a php template with variables. The most we ever do
   in our app is  <?= json_encode($someArray) ?>

I've done both of these in the past (using Smarty, in my case); here's some example uses:

<a href="/products/<?= $product['category'] ?>/<?= $product['id'] ?>"><?= $product['name'] ?></a>

<script>var debug_session_id = '<?= get_debug_session_id() ?>';</script>

Now, I'm not saying there aren't better ways of doing these things, but people absolutely do it like this, and a hook into something as fundamental as "echo" can't really rely on "it's quite rare" as an excuse for not accounting for them.

Regards,
--
Rowan Collins
[IMSoP]

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to