Section 2: Simple Usages
The XPHP Tag
Once XPHP is enabled in your script, it will allow you to begin deploying dynamic content in the form of an <xphp> tag. Throughout this guide, you will see the various types of <xphp> tags there are, and how they each work.
Working With Variables
The simplest example of XPHP in action would be the insertion of a PHP variable in your web page. XPHP supports PHP variables in the following scopes:
- $_GLOBALS
- $_GET
- $_POST
- $_SERVER
- $_COOKIE
- $_SESSION
- apc_fetch()
- $object->variable
To insert PHP variables of these types into your web page, you may use the following examples:
<xphp var="foo"/> // equivalent to <?php echo $_GLOBALS['foo'];?> <xphp var="foo" type="get"/> // <?php echo $_GET['foo'];?> <xphp var="foo" type="post"/> // <?php echo $_POST['foo'];?> <xphp var="foo" type="server"/> // and so forth... <xphp var="foo" type="cookie"/> <xphp var="foo" type="session"/> <xphp var="foo" type="apc"/> // <?php echo apc_fetch('foo');?> <xphp var="foo" type="object" object="bar"/> // <?php echo $_GLOBALS['bar']->foo;?>
PHP variables can be typecasted through XPHP as well, allowing for input filtering: <xphp var="foo" type="get" cast="int"/> which is equivalent to (int)$_GET['foo'].
Note: Both "var" and "variable" can be used, as in: <xphp var="foo"/> and <xphp variable="foo"/>.
Security: As with any other method of inserting dynamic and foreign content into a web page, ensure that you are properly filtering your data before it is presented to the client's browser!
Basic Function Calls
The next type of XPHP tag emulates a PHP function call. In the following example, the XPHP tag will be replaced with the content returned by function foo():
<?php
require '/path/to/class.xphp.php';
$xphp=new XPHP();
function foo() {
return 'hello world';
}
?>
<html>
<body>
<xphp function="foo"/> <!-- prints "hello world" -->
</body>
</html>
Note: Both "func" and "function" can be used, as in: <xphp func="foo"/> and <xphp function="foo"/>.
This is only the beginning of how XPHP interacts with PHP functions... In the following sections, you will see how to take this to the next step.
Disabling XPHP Output
Commenting out XPHP tags will not prevent the processing of them. In other words, this will not prevent function foo() from being called:
<!-- <xphp function="foo"/> -->. Therefore to temporarily disable an XPHP tag, and prevent it from being parsed, you may set the disabled attribute as follows:
<xphp function="foo" disabled="true"/>