How can I use a php parameter in HTML markup?
Question
So I have tried researching this before jumping into asking this question. Given that I have an index.php, and a cookie which stores the username, saved as $name, most answers tell me its simple to do this:
echo '<h3>'.$name.'</h3>'
But this doesnt work for me, and I assume its because im doing strange syntax for an if statement first, and I want to use the parameter within this if statement. My exact code looks more like this:
<?php
//store the cookie
$name=$_COOKIE['user'];
//check that it is set
if(isset($_COOKIE['user'])):
<section id="login">
<h1> Welcome</h1>
echo '<h3>'.$name.'</h3>';
</section>
else: //prompt to login
endif;
?>
It is meant to show a welcome message to a user that is logged in, adressing them by name, otherwise prompt the user to login.
So my question is: Why doesn't the parameter reflect at all? (shows nothing when the page is loaded) and How can I get this to work as intended?
ps. Please don't worry about the security risk of using cookies to do this etc. It is purposefully vulnerable.
pps. I am 100% sure the cookie is set, I viewed it with a cookie browser.
4 answers
solution1
2 ACCPTED 2018-04-06 08:02:59
It doesn't work because the previous two lines are invalid PHP so it would throw an error and stop working.
If you want to use the echo approach then the correct syntax would be:
echo '<section id="login">';
echo '<h1> Welcome</h1>';
echo '<h3>'.$name.'</h3>';
It is important to never insert external data as if it were raw HTML . This can render you vulnerable to XSS attacks. Treat the input as plain text and convert it to HTML before outputting it into an HTML document.
$name_html = htmlspecialchars($name);
echo '<section id="login">';
echo '<h1> Welcome</h1>';
echo '<h3>'.$name_html.'</h3>';
You can make the code easier to read by using variable interpolation:
$name_html = htmlspecialchars($name);
echo '<section id="login">';
echo '<h1> Welcome</h1>';
echo "<h3>$name_html</h3>";
And when outputting large chunks of HTML, it is easier to just drop out of PHP mode entirely:
$name_html = htmlspecialchars($name);
?>
<section id="login">
<h1> Welcome</h1>
<h3><?=$name_html?></h3>
<?php
Aside
Check to see if the cookie is set before you try to use it, not afterwards!
if(isset($_COOKIE['user'])):
$name=$_COOKIE['user'];
solution2
0 2018-04-06 08:04:29
you should use php + html like this:
<?php $var = 'my string'; ?>
<?php if ($var == 'my string') : ?>
<h1><?php echo $var; ?></h1>
<?php endif;?>
this breaks up the if statement, allowing you to add html inbetween the conditional statement without having to echo and html from php
solution3
0 2018-04-06 08:05:40
You should post any errors you get - But your can't just write html inside php, without either echoing it out, or ending the php for a while.
<?php
//store the cookie
$name=$_COOKIE['user'];
//check that it is set
if(isset($_COOKIE['user'])):?>
<section id="login">
<h1> Welcome</h1>
<?php echo '<h3>'.$name.'</h3>'; ?>
</section>
<?php else: //prompt to login
endif;
?>
solution4
0 2018-04-06 08:05:58
To display HTML code only if a php statement is true, just close the php tag right after you have opened the if statement and then put your HTML code between.
<?php
//store the cookie
$name=$_COOKIE['user'];
//check that it is set
if(isset($_COOKIE['user'])) {
?>
<section id="login">
<h1> Welcome</h1>
<h3><?php echo $name; ?></h3>
</section>
<?php
} else {
echo 'Please login';
}
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.