PHP echo vs PHP short echo tags

PhpFunctionEchoPageload

Php Problem Overview

Are they equal in safeness? I was informed that using

<?=$function_here?>

was less safe, and that it slows down page load times. I am strictly biased to using echo.

What are the advantages/disadvantages?

Php Solutions

Solution 1 - Php

<? and <?= are called short open tags, and are not always enabled (see the short_open_tag directive) with PHP 5.3 or below (but since PHP 5.4.0, <?= is always available).

Actually, in the php.ini-production file provided with PHP 5.3.0, they are disabled by default:

$ grep 'short_open' php.ini-production
; short_open_tag
short_open_tag = Off

So, using them in an application you want to distribute might not be a good idea: your application will not work if they are not enabled.

<?php, on the other side, cannot be disabled -- so, it's safest to use this one, even if it is longer to write.


Except the fact that short open tags are not necessarily enabled, I don't think there is much of a difference.

Solution 2 - Php

Echo is generally just better to use because...

  1. It supports good programming style.
  2. It can't be turned off in php.ini (short tags can be)
  3. Short tags will be removed in PHP 6)

But, they are generally the same. See also:

  1. https://stackoverflow.com/questions/200640/are-php-short-tags-acceptable-to-use
  2. https://stackoverflow.com/questions/234241/how-are-echo-and-print-different-in-php

Solution 3 - Php

http://php.net/manual/en/language.basic-syntax.phpmode.php states:

> Starting with PHP 5.4, short echo tag is always recognized and valid, regardless of the short_open_tag setting.

short_open_tag Off or On doesn't matter anymore.

So now you can, without concern, put tags like this in your templates:

    <?= (($test) ? "val1" : "val2") ?>

It is official now, the "short echo tag" is something very different than the "short tag".

Solution 4 - Php

Apart from the whole semi-religious debate on whether or not using short tags are a good idea and whether or not it should be considered deprecated, the original question was on how safe or unsafe they are to use.

Simply put, if you use short tags on a server that doesn't support them, parts of your PHP code may be exposed which can be considered a security vulnerability.

Solution 5 - Php

Just to add another source of PSR: http://www.php-fig.org/psr/psr-1/

> PHP code MUST use the long tags or the short-echo tags; it MUST NOT use the other tag variations.

specifying:

 <?php ?> and <?= ?>

Solution 6 - Php

You should use

Also, already on PHP 5.5

If not sure yet.. A bit of googling helps a lot =D

Categories
Recommended Php Solutions
Recommended Function Solutions
Recommended Echo Solutions
Recommended Pageload Solutions

Previous Solution:

Which PEP's are must reads?

PythonPep

Next Solution:

Why & When should I use SPARSE COLUMN? (SQL SERVER 2008)

SqlSql ServerDatabase DesignSql Server-2008

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionhomeworkView Question on Stackoverflow
Solution 1 - PhpPascal MARTINView Answer on Stackoverflow
Solution 2 - PhpcarlView Answer on Stackoverflow
Solution 3 - PhpBlouarfView Answer on Stackoverflow
Solution 4 - PhpFrankView Answer on Stackoverflow
Solution 5 - PhpleopoldView Answer on Stackoverflow
Solution 6 - PhpLucasView Answer on Stackoverflow