What are the rules for string manipulation when using feedback signals (serious accents)?

Question

What are the rules for string manipulation when using feedback signals (serious accents)?

In PHP, when you write a set equal to a string wrapped in serious accents, it starts as if it were inside the shell_exec() command. What is a serious accent (`) character (not a single quote) in PHP?

So, in php you can do all kinds of things to combine strings with variables, etc., what can and cannot I do when I use `instead 'or ??

+7

string php shell backticks

Kristian May 30 '12 at 18:14

source share

1 answer

jnrbsn · Accepted Answer · 2012-05-30T18:46:39+0000

In PHP, this character is called the backtick operator.

The literal string enclosed in backlinks is the T_ENCAPSED_AND_WHITESPACE token. You can confirm this by doing something like this:

 print_r(token_get_all('<?php `uname`;'));

which gives you the following:

 Array ( [0] => Array ( [0] => 367 [1] => <?php [2] => 1 ) [1] => ` [2] => Array ( [0] => 313 [1] => uname [2] => 1 ) [3] => ` [4] => ; )

And then run token_name(313) , which will give you T_ENCAPSED_AND_WHITESPACE .

For the analyzer, a string enclosed in backlinks is equivalent to a string with variables in it , for example, "hello $world" . The literal / constant part of the string (part hello ) T_ENCAPSED_AND_WHITESPACE .

So, to answer your question, all you can do is with a string containing the variables you can do, with a string wrapped in backlinks.

So why T_ENCAPSED_AND_WHITESPACE ? Probably because, like a string containing variables, this value is determined at runtime. While a T_CONSTANT_ENCAPSED_STRING (normal literal string) is like a constant in the eyes of the parser.

What are the rules for string manipulation when using feedback signals (serious accents)?

More articles: