How to clear previously echoed items in PHP

PhpOutputEchoOutput Buffering

Php Problem Overview

In php, is there any way to clear/remove all previously echoed or printed items?

For example:

<?php

echo 'a';
print 'b';

// some statement that removes all printed/echoed items

echo 'c';

// the final output should be equal to 'c', not 'abc'

?>

My script uses the include function. The included files are not supposed to echo anything. Just in case someone (ex = hacker) tries, I need a way to remove.

Php Solutions

Solution 1 - Php

<?php

ob_start();
echo 'a';
print 'b';

// some statement that removes all printed/echoed items
ob_end_clean();

echo 'c';

// the final output is equal to 'c', not 'abc'

?>

Output buffering functions

The output buffering functions are also useful in hackery to coerce functions that only print to return strings, ie.

<?php
ob_start();
var_dump($myVar);
$data = ob_get_clean();
// do whatever with $data
?>

Solution 2 - Php

while @monoxide is right, its better to find more intuitive ways of doing the same. e.g.:

<?php
$val_to_print = $a;
if( $need_to_change==true ) 
    $val_to_print = $b;
// when you are sure you won't have to change again...
echo $val_to_print;
?>

Cheers,

jrh

Solution 3 - Php

Ideally, you shouldn't output anything that you don't ultimately want printed. Keep your logic separate from your presentation for less frustration.

That being said, you can consult the Output Buffering options within PHP.

Solution 4 - Php

If it is debug output and program status information you are worried about maybe trigger_error may be nearer to what you need, such as:

trigger_error ("Attempting to load report #{$report_id}.", E_USER_NOTICE);

When your script is in production it wont show up any errors as generally they are disabled or logged. It's also best to do fatal errors this way with E_USER_ERROR rather than using die ().

ob_start ();
require ($filename);
$html = ob_get_clean ();

The above will also include a file and give you its contents as a string.

Caveat: Ditching the buffer will also ditch any error messages thrown up, making debugging (potentially) a nightmare.

Solution 5 - Php

If a hacker let's say has access to your PHP file, he will also be able to remove the statement clearing the output buffer.

If you are doing this because you are letting your users upload PHP scripts, let me tell you that this is an extremely bad idea.

In both cases, doing what you are asking for adds 0 security.

Categories
Recommended Php Solutions
Recommended Output Solutions
Recommended Echo Solutions
Recommended Output Buffering Solutions

Previous Solution:

How do I encode Unicode character codes in a PowerShell string literal?

PowershellUnicodeString LiteralsUnicode Literals

Next Solution:

Distributed Lock Service

JavaTimeoutLockingDistributed Lock

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionedtView Question on Stackoverflow
Solution 1 - PhpMatthew ScharleyView Answer on Stackoverflow
Solution 2 - PhpjrharshathView Answer on Stackoverflow
Solution 3 - PhpSampsonView Answer on Stackoverflow
Solution 4 - PhpMeep3DView Answer on Stackoverflow
Solution 5 - PhpAndrew MooreView Answer on Stackoverflow