Posted By

juno on 03/20/07


Tagged

php html


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

basicmagic


user PHP's heredoc syntax


 / Published in: PHP
 

URL: http://pdxphp.org/articles/escaping-injected-data

The above example uses PHP's heredoc syntax. With it, we can completely eliminate PHP tags from the insides of HTML tags.

  1. <?php
  2. foreach ($contacts as $contact_object) {
  3. $contact_array = (array) $contact_object;
  4. foreach ($contact_array as $key=>$value) $$key = h($value);
  5. echo <<<END_ROW
  6.   <tr>
  7.   <td>$id</td>
  8.   <td>$first_name</td>
  9.   <td>$last_name</td>
  10.   <td>$phone</td>
  11.   <td>
  12.   <a href="?action=edit&amp;id=$id">edit</a>
  13.   <a href="?action=delete&amp;id=$id">delete</a>
  14.   </td>
  15.   </tr>
  16. END_ROW;
  17. }

Report this snippet  

You need to login to post a comment.