What is Greedy Token Analysis?

What is a lousy token in PHP? I read the PHP coding guide that said the following ...

"Always use single quotation marks if you do not need variables, and in cases where you need variables, parse braces to prevent greedy analysis of tokens. You can also use double-quoted strings if the string contains single quotes, so you don’t need to use escape characters."

Do curly brackets around my variables use some kind of security process to prevent hacking? (For example, {$var}) Is the greedy token parsing some kind of attack that hackers can use, such as SQL injection or XSS (Cross Site Scripting)?

+6
2 answers

Suppose you want the character "a" to immediately execute the value contained in the variable $var. If you write "$vara", this will not work because you do not have the $vara variable. The parser is greedy - it assumes that everything that follows $ should be included if its syntax is included. "${var}a" prevents this.

+16

Legible parsing means that if a sequence of characters contains more than one possible token, the parser will accept the token with the most characters. If you use curly braces, the parser will stop at the curly brace, since it is not part of the token.

+5
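
The behaviour both answers describe, as an added PHP example that is not part of the question, the answers, or the quoted coding guide. All variable names and values are constructed for illustration; it also shows that braces only delimit the variable name and do not escape the value, so output encoding is still a separate step.

```php
<?php
declare(strict_types=1);

// Constructed sample values; these names are assumptions, not from the page.
$var  = 'kilo';
$vara = 'UNRELATED';   // a different variable whose name merely starts with "var"

// Greedy: the lexer consumes the longest valid name after "$",
// so this interpolates $vara, not $var followed by a literal "a".
// If $vara did not exist, PHP would warn about an undefined variable instead.
$greedy = "$vara";

// Braces end the variable name explicitly; the trailing "a" is literal text.
$braced = "{$var}a";

// A character that cannot be part of a variable name also ends the token,
// which is why the problem only appears when letters, digits or "_" follow.
$dashed = "$var-a";

// Braces are a parsing aid only. They do not escape or validate the value:
// markup in an untrusted string passes straight through.
$input   = '<b>bold</b>';                    // constructed untrusted value
$raw     = "<p>{$input}</p>";                // markup reaches the page unchanged
$escaped = '<p>' . htmlspecialchars($input, ENT_QUOTES, 'UTF-8') . '</p>';

// Print each result next to its label so the difference is visible.
$results = compact('greedy', 'braced', 'dashed', 'raw', 'escaped');
foreach ($results as $name => $value) {
    printf("%-8s %s\n", $name, $value);
}
```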

Source: https://habr.com/ru/post/893901/
