cbassett03 Posted September 2, 2010 Share Posted September 2, 2010 OK, I've seen this done both ways and want to know which (if any) is the most secure way to do it... I've been coding my pages using echo statements to write HTML, such as: <?php echo "<p><strong>hello, World!</strong></p>"; echo "<p>You are:$age year(s) old!</p> "; ... ?> and so on... but is this any better <?php <p><strong>Hello World!</strong></p> echo "<p><strong>You are $age year(s) old!</p>"; ?> Is one of these methods better than the other (using ECHO to write actual HTML statements out rather than just embedding them in the script without ECHO)? Which is the recommended method? Quote Link to comment Share on other sites More sharing options...
btherl Posted September 2, 2010 Share Posted September 2, 2010 There's no difference in security, it's a matter of style. I'm assuming you meant this for the second example: <p><strong>Hello World!</strong></p> <?php echo "<p><strong>You are $age year(s) old!</p>"; ?> I use Smarty templates myself, which are a lot more flexible but they are more effort to set up. They allow a very clean separation of the display logic and the back end logic. Quote Link to comment Share on other sites More sharing options...
fortnox007 Posted September 3, 2010 Share Posted September 3, 2010 I doubt putting a string inside you php tags without an echo would result in anything you would like. I haven't tested it, but it seems not right, and i am almost sure my php editor would ring the alarm bells Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.