4

Im creating a web app where I want all of the responses to the user stored in a language file for easy editing. So Im using eval() to manage dynamic messages lik so:

$msg = 'Hello $user, your favorite color is $color';

$colors =  array("red","green","blue","yellow");
$users =  array("bob","craig","ted","dirty sanchez");

foreach($users as $key => $user){

 $color = $colors[$key];
 eval("\$newmsg = \"$msg\";");
 echo $newmsg;


}

Im wondering if this is the best approach or if there is a better way?

Improve this question

5 Answers 5

Reset to default
10

Never use that damn eval if not necessary! Your code won't work, you should use sprintf for your purpose.

$messageFormat = 'Hello %s, your favorite color is %s';

$colors =  array("red","green","blue","yellow");
$users =  array("bob","craig","ted","dirty sanchez");
foreach($users as $key => $user){
   $color = $colors[$key];
   $actualMessage = sprintf($messageFormat, $user, $color);
   echo htmlentities($actualMessage);
}

Assuming you're using this for comments or other user-supplied text, I've added htmlentities() to prevent XSS.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@websiteguru: There are two reasons why you ought not use eval if you can avoid (and you can avoid nearly always): a) it is a security risk. eval allows executing PHP. If a user could smuggle malicious input into eval, he could execute PHP (and thus, he would have nearly full control over your server.) b) eval is slow, really slow. And eval code is hard to understand. Even though I would call myself an experiences PHP developer it still took some time, till I got what your code does, whereas Lekensteyn's code is perfectly clear.
2

what you need is the printf function. you can define a string and have %s as place holder for a string.

then call 

printf($variable, $string1, $string2, $string);

the first %s gets replaced by $string1 and so on.

in your very example i would use vsprintf which returns the string and you can give an array so you can feed it what every array of params and input string you like

heres your example:

   <?
$msg = 'Hello %s, your favorite color is %s';
$colors =  array("red","green","blue","yellow");
$users =  array("bob","craig","ted","dirty sanchez");
foreach($users as $key => $user){
 $color = $colors[$key];
 $newmsg = vsprintf($msg,array($user,$color));
 echo $newmsg."\n";
}

?>
Improve this answer

Comments

0

I prefer this way:

<?php

$msg = 'Hello [USER], your favorite color is [COLOR]';

$colors =  array("red","green","blue","yellow");
$users =  array("bob","craig","ted","dirty sanchez");

foreach($users as $key => $user)
{
    $color = $colors[$key];

    $newmsg = str_replace(array('[USER]', '[COLOR]'), array($user, $color), $msg);
    echo $newmsg;
}
?>
Improve this answer

1 Comment

While not what I was looking for, this is interesting. How would this compare in performance to the sprintf solution? Specifically if there were a large amount of variables used.
0 
$colors =  array("red","green","blue","yellow");
$users =  array("bob","craig","ted","dirty sanchez");
$messages = array_combine($colors, $users);

foreach ($messages as $color => $user)
{
     echo "Hello $user, your favourite color is $color";
}

Using array_combine which creates arrays in the format $keys => $values making the following array:

"red" => "bob",
"green" => "craig",
"blue" => "ted",
"yellow" => "dirty sanches"
Improve this answer

Comments

0

You can use the strtr function

$msg = 'Hello @user, your favorite color is @color';
echo strtr($msg, array('@user'=>'bob', '@color'=>'red'));

Output:

Hello bob, your favorite color is red
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.