Do not judge strictly. This can be said my first script, which I parse and that lump. :( In short, the point is this. There is a form send.html :

<html> <body> <form action="script.php" method="POST"> Введите имя: <input type=text name="name"><br> Введите возраст: <input type=text name="age"><br> <input type=submit value="GO!"> </form> </body> </html>

And there is a script script.php :

 <?php echo "Привет,$_POST['name']! Вам $_POST['age'] лет !"; ?>

So, as a result of the work of this simple script, the error takes off:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting '-' or identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in E: \ wamp64 \ www \ mysite \ script.php on line 2

And here I do not understand: either something in the code is not correct, or my web server is buggy. By the way, I have a build WAMP 64bit 3.0.6.

  • +1 for the word "prosthetics" - Igor

3 answers 3

In order to avoid the same errors in the future, it is best to put all variables behind quotes and use single quotes. Using single quotes is preferable in terms of speed: the PHP interpreter does not have to look for the presence of variables (saving "on matches", but still), since they are not processed in single quotes.

If you plan to study and work with PHP in the future, try not to access the $ _POST, $ _GET variables and the like directly. This is due to the fact that $ _POST ['name'] may not be set, and if you have configured to display errors of the E_STRICT level (very useful when writing scripts), then errors will constantly appear. For data acquisition, it is best to use the filter_input () function, with its help you can check the data for correctness, but read about it in the documentation.

Never print data entered by the user directly, without processing, to the page. This is fraught with many problems, such as XSS. All data that can contain ampersands, quotes, less characters and more need to be enclosed in the htmlspecialchars () function.

As a result, your echo might look like this:

 echo 'Привет, '.htmlspecialchars(filter_input(INPUT_POST, 'name')).'! Вам '.htmlspecialchars(filter_input(INPUT_POST, 'age')).' лет !';
  • Thank you very much, it turned out.) But with this syntax, the script ceases to be "prosthetically.") - Romul

Dmitry OnGamer, correctly noted! When using variables in the input, in particular in echo "" Variables need to be wrapped in {$ var} curly braces so that the compiler can distinguish it from plain text. If you use double quotes in echo, then ordinary variables of the $ var type are possible without {}. But variables of type array $ var ['value] need to be wrapped in braces. You can also use concatenation. Examples

 echo "Привет $name"; //двойные кавычки echo "Привет {$_POST['name]}"; //Переменная типа массив echo "Привет " . $_POST['name']; //Конкатенация

    Use curly braces:

     echo "Привет,{$_POST['name']}! Вам {$_POST['age']} лет !";
    • I prefer this option!) - Romul