A programming language is an artificial language designed to communicate instructions to a machine, particularly a computer. Programming languages can be used to create programs that control the behavior of a machine and/or to express algorithms precisely....
Ruby is a dynamic, reflective, general-purpose object-oriented programming language that combines syntax inspired by Perl with Smalltalk-like features. Ruby originated in Japan during the mid-1990s and was first developed and designed by Yukihiro "Matz" Matsumoto...
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Perl was originally developed by Larry Wall in 1987 as a general-purpose Unix scripting language to make report processing easier. Since then, it has undergone many changes and revisions and become widely popular...
In formal languages, which are used in mathematical logic and theoretical computer science, a string is a finite sequence of symbols that are chosen from a set or alphabet....
or replace a variable with its value. It makes string formatting and specifying contents more intuitive.
PHP
$str = <<
Example of string
spanning multiple lines
using heredoc syntax.
EOD;
echo <<
My name is "$name". I am printing some $foo->foo.
Now, I am printing some {$foo->bar[1]}.
This should print a capital 'A': \x41
EOT;
?>
The output will be:
My name is "Jason". I am printing some Foo.
Now, I am printing some Bar2.
This should print a capital 'A': A
Perl
!/usr/bin/perl
use strict;
use warnings;
my $apples = 4;
print "I have $apples apples\n";
The output will be:
I have 4 apples
Ruby
apples = 4
puts "I have #{apples} apples"
puts "I have %s apples" % apples
The output will be:
I have 4 apples
BOO
apples = 4
print("I have $(apples) apples")
// or
print("I have {0} apples" % apples)
The output will be:
I have 4 apples
CoffeeScript
apples = 4
console.log "I have #{apples} apples"
The output will be:
I have 4 apples
Python
apples = 4
print "I have %s apples" % apples
The output will be:
I have 4 apples
Security Issues
String Interpolation, like string concatenation, may lead to security problems. When failed to properly escape or filter user input data, system will expose to SQL Injection
SQL injection
A SQL injection is often used to attack the security of a website by inputting SQL statements in a web form to get a badly designed website in order to dump the database content to the attacker. SQL injection is a code injection technique that exploits a security vulnerability in a website's software...
, Script Injection, XML External Entity Injection (XXE), and Cross Site Scripting (XSS) attacks.
An example of SQL Injection will be like this:
query = "SELECT x, y, z FROM Table WHERE id= '$id'
If id is replaced with "'; DELETE FROM Table WHERE = '", executing this query will wipe out all the data on the local machine.
The source of this article is wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
