Home » Php » php – What are the rules of string manipulation when using backticks (grave accents)?

php – What are the rules of string manipulation when using backticks (grave accents)?

Posted by: admin July 12, 2020 Leave a comment

Questions:

In PHP when you write a set a variable equal to a string wrapped in grave accents, it gets executed as it would if it were inside a shell_exec() command. What does the grave accent symbol (`) ( not single quote) represent in PHP?

So, in php you can do all sorts of things to combine strings with variables, etc, what can I and can’t I do when using ` instead of ‘ or ” ?

How to&Answers:

In the PHP, that character is called a backtick operator.

A literal string wrapped in backticks is a T_ENCAPSED_AND_WHITESPACE token. You can confirm this by running something like this:

print_r(token_get_all('<?php `uname`;'));

which gives you this:

Array
(
    [0] => Array
        (
            [0] => 367
            [1] => <?php 
            [2] => 1
        )

    [1] => `
    [2] => Array
        (
            [0] => 313
            [1] => uname
            [2] => 1
        )

    [3] => `
    [4] => ;
)

And then run token_name(313) which gives you T_ENCAPSED_AND_WHITESPACE.

To the parser, a string wrapped in backticks is equivalent to a string with variables in it like "hello $world". The literal/constant part of the string (the hello part) is T_ENCAPSED_AND_WHITESPACE.

So to answer your question, anything that you can do to a string that contains variables you can do to a string wrapped in backticks.

So why T_ENCAPSED_AND_WHITESPACE? Probably, because like a string containing variables, it’s value is determined at runtime. Whereas a T_CONSTANT_ENCAPSED_STRING (a normal literal string) is kind of like a constant in the eyes of the parser.