07-02-2009, 10:24 PM
#10
Moderator
You make two claims.
- Concatenating strings like that will impact on page performance.
Please clarify why you think this. Have you read some information on this subject which makes the claim, or done some profiling and benchmarking? What more performant alternatives would you use to replace that line of code?
- Coding in that manner is somehow unsafe.
Now, I think that I know where you're coming from on this. The idea is that throwing variables blindly into HTML could, in theory at least, result in the ability to exploit that piece of code (injecting malicious code, for example). However, to claim that any code using plain variables concatenated with HTML strings is somehow insecure, I think that's stretching it a bit. Again, what would you do instead of the quoted line of code which would make it much more safe?