Here's the information according to the official documentation:
There are four different pairs of opening and closing tags which can be used in PHP. Two of those,
<script language="php"> </script>, are always available. The other two are short tags and ASP style tags, and can be turned on and off from the php.ini configuration file. As such, while some people find short tags and ASP style tags convenient, they are less portable, and generally not recommended.
In my experience most servers do have short tags enabled. Typing
is far more convenient than typing
The programmers convenience is an important factor, so why are they not recommended?
There must be a clear distinction between the PHP short tag (
<?) and shorthand echo tag (
The former is prohibited by the PHP Coding standard, mostly out of common sense because it's a PITA if you ever have to move your code to a server where it's not supported (and you can't enable it). As you say, lots of shared hosts do support shorttags but "lots" isn't all of them. If you want to share your scripts, it's best to use the full syntax.
Whereas the shorthand echo tag
<?= cannot be disabled and therefore is fully acceptable to use.
I agree that
<? is easier on programmers than
<?php but it is possible to do a bulk find-and-replace as long as you use the same form each time.
I don't buy readability as a reason at all. Most serious developers have the option of syntax highlighting available to them.
As ThiefMaster mentions in the comments, as of PHP 5.4,
<?= ... ?> tags are supported everywhere, regardless of shorttags settings. This should mean they're safe to use in portable code but that does mean there's then a dependency on PHP 5.4+. If you want to support pre-5.4 and can't guarantee shorttags, you'll still need to use
<?php echo ... ?>.
Also, you need to know that ASP tags <% , %> , <%= , and script tag are removed from PHP 7. So if you would like to support long-term portable code and would like switching to the most modern tools consider changing that parts of code.
I'm too fond of
<?=$whatever?> to let it go. Never had a problem with it. I'll wait until it bites me in the ass. In all seriousness, 85% of (my) clients have access to php.ini in the rare occasion they are turned off. The other 15% use mainstream hosting providers, and virtually all of them have them enabled. I love 'em.
The problem with this whole discussion lies in the use of PHP as a templating language. No one is arguing that tags should be used in application source files.
However PHP's embeddable syntax allows it to be used as a powerful template language, and templates should be as simple and readable as possible. Many have found it easier to use a much slower, add-on templating engine like Smarty, but for those purists among us who demand fast rendering and a pure code base, PHP is the only way to write templates.
The ONLY valid argument AGAINST the use of short tags is that they aren't supported on all servers. Comments about conflicts with XML documents are ludicrous, because you probably shouldn't be mixing PHP and XML anyway; and if you are, you should be using PHP to output strings of text. Security should never be an issue, because if you're putting sensitive information like database access credentials inside of template files, well then, you've got bigger issues!
Now then, as to the issue of server support, admittedly one has to be aware of their target platform. If shared hosting is a likely target, then short tags should be avoided. But for many professional developers (such as myself), the client acknowledges (and indeed, depends on the fact) that we will be dictating the server requirements. Often I'm responsible for setting up the server myself.
And we NEVER work with a hosting provider that does not give us absolute control of the server configuration -- in such a case we could count on running to much more trouble than just losing short tag support. It just doesn't happen.
So yes -- I agree that the use of short tags should be carefully weighed. But I also firmly believe that it should ALWAYS be an option, and that a developer who is aware of his environment should feel free to use them.
Short tags are coming back thanks to Zend Framework pushing the "PHP as a template language" in their default MVC configuration. I don't see what the debate is about, most of the software you will produce during your lifetime will operate on a server you or your company will control. As long as you keep yourself consistent, there shouldn't be any problems.
After doing quite a bit of work with Magento, which uses long form. As a result, I've switched to the long form of:
Seems like a small amount of work to assure interoperability.
Following is the wonderful flow diagram of the same:
In case anyone's still paying attention to this... As of PHP 5.4.0 Alpha 1
<?= is always available:
So it looks like short tags are (a) acceptable and (b) here to stay. For now at least...
http://uk3.php.net/manual/en/language.basic-syntax.phpmode.php has plenty of advice, including:
while some people find short tags and ASP style tags convenient, they are less portable, and generally not recommended.
note that if you are embedding PHP within XML or XHTML you will need to use the
<?php ?>tags to remain compliant with standards.
Using short tags should be avoided when developing applications or libraries that are meant for redistribution, or deployment on PHP servers which are not under your control, because short tags may not be supported on the target server. For portable, redistributable code, be sure not to use short tags.
Short tags are not turned on by default in some webservers (shared hosts, etc.), so code portability becomes an issue if you need to move to one of these.
Readability may be an issue for some. Many developers may find that
<?phpcatches the eye as a more obvious marker of the beginning of a code block than
<?when you scan a file, particularly if you're stuck with a code base with HTML and PHP tightly inter-woven.
Note: Starting in PHP 5.4 the short tag,
<?=, is now always available.
On the other hand I agree that short tags in templates (and ONLY in templates) seem useful, but the problem is that we've just spent so much time discussing it here, that it would likely take a very long time to have actually wasted that much time typing the extra three characters of "php"!!
Finally, I don't think that short tags are the problem here: there are only two logical types of PHP code blocks-- 1) regular PHP code, 2) template echoes. For the former, I firmly believe that only <?php and ?> should be allowed just to keep everything consistent and portable. For the latter, the <?=$var?> method is ugly. Why must it be like this? Why not add something much more logical? <?php $var ?> That would not do anything (and only in the most remote possibilities could it conflict with something), and that could easily replace the awkward <?= syntax. Or if that's a problem, perhaps they could use <?php=$var?> instead and not worry about inconsistencies.
At the point where there are 4 options for open and close tags and the random addition of a special "echo" tag, PHP may as well have a "custom open/close tags" flag in php.ini or .htaccess. That way designers can choose the one they like best. But for obvious reasons that's overkill. So why allow 4+ options?
As of 2019 I disagree with certain answers here. Recommended to use:
1. Long tags
/* code goes here */
2. Short echo tags
/* code goes here */
Reason: They are recommended by the PSR-1 basic coding standard
Other short tags like
<? /* code goes here */ ?> are not recommended.
The spec says:
PHP code MUST use the long tags or the short-echo tags; it MUST NOT use the other tag variations.
It's good to use them when you work with a MVC framework or CMS that have separate view files.
It's fast, less code, not confusing for the designers. Just make sure your server configuration allows using them.
One situation that is a little different is when developing a CodeIgniter application. CodeIgniter seems to use the shorttags whenever PHP is being used in a template/view, otherwise with models and controllers it always uses the long tags. It's not a hard and fast rule in the framework, but for the most part the framework and a lot of the source from other uses follows this convention.
My two cents? If you never plan on running the code somewhere else, then use them if you want. I'd rather not have to do a massive search and replace when I realize it was a dumb idea.
<? is disabled by default in newer versions. You can enable this like described Enabling Short Tags in PHP.
IMHO people who use short tags often forget to escape whatever they're echoing. It would be nice to have a template engine that escapes by default. I believe Rob A wrote a quick hack to escape short tags in Zend Frameworks apps. If you like short tags because it makes PHP easier to read. Then might Smarty be a better option?
to me that looks better than
One has to ask what the point of using short tags is.
Quicker to type
<?=is far more convenient than typing
Yes, it is. You save having to type 7 characters * X times throughout your scripts.
However, when a script takes an hour, or 10 hours, or more, to design, develop, and write, how relevant is the few seconds of time not typing those 7 chars here and there for the duration of the script?
Compared to the potential for some core, or all, of you scripts not working if short tags are not turned on, or are on but an update or someone changing the ini file/server config stops them working, other potentials.
The small benefit you gain doesn't comes close to outweighing the severity of the potential problems, that is your site not working, or worse, only parts of it not working and thus a headache to resolve.
Easier to read
This depends on familiarity.
I've always seen and used
<?php echo. So while
<?= is not hard to read, it's not familiar to me and thus not easier to read.
And with front end/back end developer split (as with most companies) would a front end developer working on those templates be more familiar knowing
<?= is equal to "PHP open tag and echo"?
I would say most would be more comfortable with the more logical one. That is, a clear PHP open tag and then what is happening "echo" -
Issue = entire site or core scripts fail to work;
The potential of issue is very low + severity of outcome is very high = high risk
You save a few seconds here and there not having to type a few chars, but risk a lot for it, and also likely lose readability as a result.
Front or back end coders familiar with
<?= are more likely to understand
<?php echo, as they're standard PHP things - standard
<?php open tag and very well known "echo".
(Even front end coders should know "echo" or they simply wont be working on any code served by a framework).
Whereas the reverse is not as likely, someone is not likely to logically deduce that the equals sign on a PHP short tag is "echo".
Let's face it. PHP is ugly as hell without short tags.
You can enable them in a
.htaccess file if you can't get to the
php_flag short_open_tag on
To avoid portability issues, start PHP tags with
<?php and in case your PHP file is purely PHP, no HTML, you don't need to use the closing tags.
I thought it worth mentioning that as of PHP 7:
- Short ASP PHP tags
<% %>are gone
- Short PHP tabs
<? ?>are still available if
short_open_tagis set to true. This is the default.
- Since PHP 5.4, Short Print tags
<?= ?>are always enabled, regardless of the
Good riddance to the first one, as it interfered with other languages.
There is now no reason not to use the short print tags, apart from personal preference.
Of course, if youre writing code to be compatible with legacy versions of PHP 5, you will need to stick to the old rules, but remember that anything before PHP 5.6 is now unsupported.
- Short tags are acceptable to use in cases where you are certain the server will support it and that your developers will understand it.
- Many servers do not support it, and many developers will understand it after seeing it once.
- I use full tags to ensure portability, since it's really not that bad.
With that said, a friend of mine said this, in support of alternate standardized asp-style tags, like
<% rather than
<?, which is a setting in php.ini called asp_tags. Here is his reasoning:
... arbitrary conventions should be standardized. That is, any time we are faced with a set of possibilities that are all of equal value - such as what weird punctuation our programming language should use to demarcate itself - we should pick one standard way and stick with it. That way we reduce the learning curve of all languages (or whatever the things the convention pertains to).
Sounds good to me, but I don't think any of us can circle the wagons around this cause. In the meantime, I would stick to the full
Short tag are alwayes available in php. So you do not need echo the first statement in your script
$a =10; $a;//10 echo "Hellow";// echo "Hellow";
Suddenly you need to use for a single php script then u can use it. example:
<html> <head> <title></title> </head> <body> <p>hellow everybodyhi; </p> <p>hellow everybody </p> <p>hellow everybody </p> </body> </html>
If you care about XSS then you should use
<?= htmlspecialchars() ?> most of the time, so a short tag doesn't make a big difference.
Even if you shorten
echo htmlspecialchars() to
h(), it's still a problem that you have to remember to add it almost every time (and trying to keep track which data is pre-escaped, which is unescaped-but-harmless only makes mistakes more likely).
I use a templating engine that is secure by default and writes
<?php tags for me.
<?php ?> are much better to use since developers of this programming language has massively updated their core-language. You can see the difference between the short tags and long tags.
Short tags will be highlighted as light red while the longer ones are highlighted darker!
However, echoing something out, for example:
<?=$variable;?> is fine. But prefer the longer tags.
<?php echo $variable;?>
<? (without a trailing space) to
<?php (with a trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\?(?!php|=|xml|mso| )/<\?php /g'
<? (with a trailing space) to
<?php (retaining the trailing space):
find . -name "*.php" -print0 | xargs -0 perl -pi -e 's/<\? /<\?php /g'
3 tags are available in php:
- long-form tag that
<?php ?>no need to directive any configured
- short_open_tag that
<? ?>available if short_open_tag option in php.ini is on
- shorten tag
<?=since php 5.4.0 it is always available
from php 7.0.0 asp and script tag are removed
No, and they're being phased out by PHP 6 so if you appreciate code longevity, simply don't use them or the
<% ... %> tags.