ansaurus

Question

What is the meaning of the '?', '()', and ':' symbols in PHP?

Answer 1

+21 A:

The expression looks like this:

$var = (condition) ? if_true : if_false

?: is the ternary operator. If condition is true, $var will be assigned the value if_true; otherwise it will be assigned the value if_false.

In your particular case:

This assigns the value of the X-Forwarded-For HTTP header to $ip if it exists; otherwise it uses the remote address itself.
This is usually used as a way to get a client's IP address. However, note that in general this is a terrible way to check for client identity. See this StackOverflow question. (Use session cookies or some sort of authentication if you need to make sure users don't clobber each other.)
Also, it's HTTP_X_FORWARDED_FOR, not HTTP_X_FORWARD_FOR.
Finally, HTTP_X_FORWARDED_FOR can be a comma-delimited list of IP addresses, not just a single one, so this has the potential to be a bug.

John Feminella 2010-06-23 13:19:30

+1 for the "answer + bug hunt" :)

kbok 2010-06-23 13:31:18

Very brief. Accepted answer, also nice tips :)

YouBook 2010-06-23 13:32:55

Also would you mind doing a brief about multiple ternary operators within one logical statement. This will be helpful to others. +1

RobertPitt 2010-06-25 12:41:58

@RobertPitt: the brief advice would be: don't do it! Nested ternary operators quickly become unwieldy, unintelligible, unmaintainable code.

janmoesen 2010-06-25 12:56:12

@John: +1, and I cannot help but mention that X-Forwarded-For,like other headers, is completely spoofable. You could set `$ip` to `127.0.0.1` simply by saying so in your header. So this code would be open to "normal" bugs and "security" vulnerabilities.

janmoesen 2010-06-25 12:58:17

Answer 2

+2 A:

It's known as a ternary operator and is shorthand for (in your case):

if($_SERVER['HTTP_X_FORWARD_FOR'])
{
    $ip = $_SERVER['HTTP_X_FORWARD_FOR'];
}
else
{
    $ip = $_SERVER['REMOTE_ADDR'];
}

Rowland Shaw 2010-06-23 13:19:56

Answer 3

A:

"?:" (or ternary) operator

The expression (expr1) ? (expr2) : (expr3) evaluates to expr2 if expr1 evaluates to TRUE, and expr3 if expr1 evaluates to FALSE

See this example:

<?php
// Example usage for: Ternary Operator
$action = (empty($_POST['action'])) ? 'default' : $_POST['action'];

// The above is identical to this if/else statement
if (empty($_POST['action'])) {
    $action = 'default';
} else {
    $action = $_POST['action'];
}

?>

Karthik 2010-06-23 13:22:52

Answer 4

A:

The ternary form is basically a shortcut for if->then->else

I generally avoid it because it's not all that readable.

$ip = ($_SERVER['HTTP_X_FORWARD_FOR']) ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'];

is logically equivalent to:

if($_SERVER['HTTP_X_FORWARD_FOR']){
   $ip = $_SERVER['HTTP_X_FORWARD_FOR'];
}else{
   $ip = $_SERVER['REMOTE_ADDR'];
}

It should be said that this is EXACTLY what this is most commonly used for: variable initialization. Very common with form data.

Satanicpuppy 2010-06-23 13:24:38

ansaurus

tags:

views:

answers:

What is the meaning of the '?', '()', and ':' symbols in PHP?

related questions