Skip navigation.
Home

echo "using echo sucks!";

Wonky Code

Nicely formatted, easy to read, but oh so wrong. The switch is bad enough but using all those echo makes me so angry. I pity all pour souls that have to work with code like this.

<?php
if(@$_POST['vote'] == TRUE)
{
   switch (@
$_POST['bewertung'])
       {
           case
"1":
             
$punkt = 1;
             break;
           case
"2":
             
$punkt = 2;
             break;
           case
"3":
             
$punkt = 3;
             break;
           case
"4":
             
$punkt = 4;
             break;
           case
"5":
             
$punkt = 5;
             break;
            case
"6":
             
$punkt = 6;
             break;
            case
"7":
             
$punkt = 7;
             break;
           case
"8":
             
$punkt = 8;
             break;
             case
"9":
             
$punkt = 9;
             break;
             case
"10":
             
$punkt = 10;
             break;
         }
mysql_query("INSERT INTO bewertung(repID,punkte) VALUES ('$repID','$punkt')");
}

/* hier kommt nur die Ausgabe der Puntkte nich relevant*/

echo "<table border=0 width=80 cellspacinng=0 cellpadding=0>";
echo
"  <tr>";
echo
"   <td>";
echo
"     <form method=\"post\" type=\"text/css\" action=\"http://www.example.com/index.php?section=Replays\">";
echo
"        <select name=\"bewertung\" size=\"1\">";
             for (
$bew = 1 ; $bew &lt;= 10 ; $bew++)
                     {
                       echo
"<option>".$bew."</option>";
                     }
echo
"   </td>";
echo
"   <td>";
echo
"              <input type=\"submit\" value=\"Vote\" name=\"vote\">";
echo
"            </form>";
echo
"   </td>";
echo
"  </tr>";
echo
"</table>";
?>

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

lol how about replacing that switch with:
$punkt = intval($_POST['bewertung']);

Ok, so we all know echo is slow compared to just ending the PHP and dumping straight html. But just HOW slow is echo?

kylector-
I don't know how much slower it is, but I don't think that's the biggest problem with this use of echo.

The problem is that this is considerably less readable, especially if the text editor being used doesn't highlight HTML within php strings.

At least the user input is validated and thoroughly cleaned before it is used. That fact alone makes it quite a lot better than many other pieces of code, that might use more elegant methods.

echo ... print ... embedded HTML, once upon a time, an article showed that the slower print is slower than echo (when print('string'.$variable.'string') vs. echo 'string', $variable, 'string') but the fastest output method is embedding HTML. i work for a small company, and the previous developer did/does the same thing: he outputs HTML tags indented with tab

... and outputs the code with echo

also note, i think he never used a simple text editor to write PHP code, (it seems) he always used Macromedia Dreamweaver ...

ps: sorry for the 2-part post, somethings wrong with my copy/cut/paste keys ... :-/

@Ole Hansen: You call that clean? What if the Value of $_POST['bewertung'] doesn't meet any of the criterias? Where is the default Value for $punkt? This way you can too easily inject harmful SQL-Code if the server permits it. Now with the newer versions of MySQL doing nasty things is no problem as subselects are allowed.

OK, you're right, I missed those parts - some of it might be outside the code shown here, but nevermind. Allow me to rephrase to "At least the coder tried to validate his input..."

sure this code is a step beyond the most bad code, but its still
stupid. like freedimension said there is no default value. also, the author uses @ to supress php errors instead of checking the input
correct. that makes clear the author isn't familar with php nor
security. the bunch of echo's emphasize that.

heres my suggestion:

$vote = $_POST['vote'] == '1' ? true : false;
$punkt = (int) $_POST['bewertung'];

if ($vote === true && $bewertung > 0 && $bewertung < 11)
{
mysql_query("INSERT INTO bewertung(repID,punkte) VALUES ('$repID','$punkt')");
}

Are you all talking about jus

Are you all talking about just simple pages? In complex applications I've always crammed the html into a variable i can pass back and output where i see fit to build up standards compliant and reusable code. using echo like that is obviously a WTF and he's not doing anything super complex here, but i feel like everyone is ignoring other scenarios.

And I've always used Dreamweaver cause that's what I'm given at work. And I enjoy the check in check out features, etc. What editor highlights PHP in a string? And it'd have to be Windows and OS X or two separate programs that have similar features for each respective platform.

Post new comment




*

  • Web and e-mail addresses are automatically converted into links.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre> <p> <br /> <br>