String interpolation

In computer programming, string interpolation (or variable interpolation, variable substitution, or variable expansion) is the process of evaluating a string literal containing one or more placeholders, yielding a result in which the placeholders are replaced with their corresponding values. It is a form of simple template processing[1] or, in formal terms, a form of quasi-quotation (or logic substitution interpretation). String interpolation allows easier and more intuitive string formatting and content-specification compared with string concatenation.[2]

String interpolation is common in many programming languages which make heavy use of string representations of data, such as Groovy, Perl, PHP, Python, Ruby, Scala, and Swift, and most Unix shells. Two modes of literal expression are usually offered: one with interpolation enabled, the other without (termed raw string). Placeholders are usually represented by a bare or a named sigil (typically $ or %), e.g. $placeholder or %123. Expansion of the string usually occurs at run time.

Variations

Some languages do not offer string interpolation, instead offering a standard function where one parameter is the printf format string, and other(s) provide the values for each placeholder.

Ruby uses the # symbol for interpolation, and allows interpolating any expression, not only variables. Other languages may support more advanced interpolation with a special formatting function, such as printf, in which the first argument, the format, specifies the pattern in which the remaining arguments are substituted.

Algorithms

There are two main types of expand variable algorithms for variable interpolation:[3]

  1. Replace and expand placeholders: creating a new string from the original one, by find-replace operations. Find variable-reference (placeholder), replace it by its variable-value. This algorithm offers no cache strategy.
  2. Split and join string: splitting the string into an array, and merging it with the corresponding array of values; then join items by concatenation. The split string can be cached to reuse.

Security issues

String interpolation, like string concatenation, may lead to security problems. If user input data is improperly escaped or filtered, the system will be exposed to SQL injection, script injection, XML External Entity Injection (XXE), and cross-site scripting (XSS) attacks.[4]

An SQL injection example:

query = "SELECT x, y, z FROM Table WHERE id='$id' "

If $id is replaced with "'; DELETE FROM Table; SELECT * FROM Table WHERE id='", executing this query will wipe out all the data in Table.

Examples

The following Perl code works identically in PHP:

$name = "Alice";
print "${name} said Hello World to the crowd of people.";

produces the output: Alice said Hello World to the crowd of people.

Bash

Main article: Bourne-Again_shell
apples = 4
echo "I have $apples apples"
# or
echo "I have ${apples} apples"

The output will be:

I have 4 apples

Boo

apples = 4
print("I have $(apples) apples")
# or
print("I have {0} apples" % apples)

The output will be:

I have 4 apples

C#

var apples = 4;
// Before C# 6.0
System.Console.WriteLine(String.Format("I have {0} apples", apples));
// C# 6.0
System.Console.WriteLine($"I have {apples} apples");

[5]

The output will be:

I have 4 apples

ColdFusion Markup Language

ColdFusion Markup Language (CFML) script syntax:

apples = 4;
writeOutput("I have #apples# apples");

Tag syntax:

<cfset apples = 4>
<cfoutput>I have #apples# apples</cfoutput>

The output will be:

I have 4 apples

CoffeeScript

Main article: CoffeeScript
apples = 4
console.log "I have #{apples} apples"

The output will be:

I have 4 apples

Dart

int apples = 4, bananas = 3;
print('I have $apples apples.');
print('I have ${apples+bananas} fruit.');

The output will be:

I have 4 apples.
I have 7 fruit.

Groovy

def quality = 'superhero'
def sentence = "A developer is a ${quality}"
print sentence

The output will be:

A developer is a superhero

Haxe

Main article: Haxe
var apples = 4;
var bananas = 3;
trace('I have $apples apples.');
trace('I have ${apples+bananas} fruit.');

The output will be:

I have 4 apples.
I have 7 fruit.

[6]

JavaScript

JavaScript, as of the ECMAScript 2015 (ES6) standard, supports string interpolation using backticks ``. This feature is called template literals.[7] Here is an example:

var apples = 4;
var bananas = 3;
console.log(`I have ${apples} apples`);
console.log(`I have ${apples + bananas} fruits`);

The output will be:

I have 4 apples
I have 7 fruits

Nemerle

Main article: Nemerle
def apples = 4;
def bananas = 3;
Console.WriteLine($"I have $apples apples.");
Console.WriteLine($"I have $(apples + bananas) fruit.");

It also supports advanced formatting features, such as:

def fruit = ["apple", "banana"];
Console.WriteLine($<#I have ..$(fruit; "\n"; f => f + "s")#>);

The output will be:

apples
bananas

Perl

Main article: Perl
my $apples = 4;
my $bananas = 3;
print "I have $apples apples.\n";
print "I have @{[$apples+$bananas]} fruit.\n";  # Uses the Perl array (@) interpolation.

The output will be:

I have 4 apples.
I have 7 fruit.

PHP

Main article: PHP
<?php
class foo {
    var $foo;
    var $bar;
    function foo() {
        $this->foo = 'Foo';
        $this->bar = array('Bar1', 'Bar2', 'Bar3');
    }
}
$foo = new foo();
$name = 'Jason';
echo <<<EOT
My name is "$name". I am printing some $foo->foo.
Now, I am printing some {$foo->bar[1]}.
This should print a capital 'A': \x41
EOT;
?>

The output will be:

My name is "Jason". I am printing some Foo.
Now, I am printing some Bar2.
This should print a capital 'A': A

Python

# in all versions
apples = 4
print "I have %d apples" % apples
print "I have %(apples)d apples" % locals()
# with Python 2.6+
print "I have {} apples".format(apples)
print "I have {a} apples".format(a=apples)
# or with Python 3.6+
print(f"I have {apples} apples")

[8] [9]

The output will be:

I have 4 apples

Ruby

apples = 4
puts "I have #{apples} apples"
# or
puts "I have %s apples" % apples
# or
puts "I have %{a} apples" % {a: apples}

The output will be:

I have 4 apples

Scala

Scala 2.10+ has implemented the following string interpolators: s, f and raw. It is also possible to write custom ones or override the standard ones.

The f interpolator is a compiler macro that rewrites a format string with embedded expressions as an invocation of String.format. It verifies that the format string is well-formed and well-typed.

The standard interpolators

Scala 2.10+'s string interpolation allows embedding variable references directly in processed string literals. Here is an example:

val apples = 4
val bananas = 3
//before Scala 2.10
printf("I have %d apples\n", apples)
println("I have %d apples" format apples)
//Scala 2.10+
println(s"I have $apples apples")
println(s"I have ${apples + bananas} fruits")
println(f"I have $apples%d apples")

[10]

The output will be:

I have 4 apples

Swift

In Swift, a new String value can be created from a mix of constants, variables, literals, and expressions by including their values inside a string literal. Each item inserted into the string literal is wrapped in a pair of parentheses, prefixed by a backslash.

let apples = 4
print("I have \(apples) apples")

The output will be:

I have 4 apples

TypeScript

As of version 1.4, TypeScript supports string interpolation using backticks ``. Here is an example:

var apples: number = 4;
console.log(`I have ${apples} apples`);

The output will be:

I have 4 apples

The console.log function can be used as a printf function. The above example can be rewritten, thusly:

var apples: number = 4;
console.log("I have %d apples", apples);

The output remains the same.

See also

Notes

This article is issued from Wikipedia - version of the 10/5/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.