I do not agree that it is a question of comparing which is better or necessarily which advantages of one under the other, sprintf()
may seem "easier" or advantageous, but what defines this is the need, then the advantage is when "it is necessary", I am not saying that will have disadvantages in using deliberately, really will not have "big losses".
The point is that both sprintf
how much printf
do much more of joining and popular a string, they have different features that can be useful in different situations, for example adding zeros in front of dates:
<?php
$dia = 1;
$mes = 5;
$ano = 2019;
$hora = 2;
$minutos = 3;
printf('%02d/%02d/%04d - %02d:%02d', $dia, $mes, $ano, $hora, $minutos);
This makes it easy, because without the printf/sprintf you would need to use str_pad
or even ifs to check, example:
$dia = 1;
$mes = 5;
$ano = 2019;
$hora = 2;
$minutos = 3;
$dia = str_pad($dia, 2, 0, STR_PAD_LEFT);
$mes = str_pad($mes, 2, 0, STR_PAD_LEFT);
$ano = str_pad($ano, 4, 0, STR_PAD_LEFT);
$hora = str_pad($hora, 2, 0, STR_PAD_LEFT);
$minutos = str_pad($minutos, 2, 0, STR_PAD_LEFT);
echo "$dia/$mes/$ano - $hora:$minutos";
in this case it is quite evident how much you can facilitate writing and even understanding the code using printf/sprintf, now in a simple scenario, just "popular" the values in a string, without needing to adjust such values you can simply make use of double quotes.
There is talk that single quotes (apostrophes) are more efficient than double quotes, but the performance advantage is so insignificant or often nonexistent that doing so:
echo 'Horário de hoje', $hora, ':', $minutos, ' - data: ', $dia, '/', $mes, '/', $ano;
You have no advantage in doing this:
echo "Horário de hoje $hora:$minutos - data: $dia/$mes/$ano";
Even in stress tests with a lot of data I could not notice big differences. Returning the question of the question, for example if you need to escape HTML tags to entities (avoiding "html injection" that could not occur) you will have to use htmlspecialchars
and in this case will have to treat variable by variable, as far as I know the sprintf
you won’t be able to solve it by staying something like:
$user = htmlspecialchars($data['usuario']); //Dado hipotético vindo do banco
$msg = htmlspecialchars($data['mensagem']); //Dado hipotético vindo do banco
echo "<p><strong>$user</strong>:<br>$msg</p>";
Idea of "templates"
A scenario that might be interesting would be if the strings were stored as well and the values were populated, for example on a site with different languages, then in files .ini
or .php
you could store something like:
./langs/
+---- pt.ini
+---- en.ini
+---- es.ini
In the content of pt.ini
would have something like:
main_title=Site %s
main_subtitle=O maior site do seguimento de %s
main_footer=Todos direitos reservados %04d
In the en.ini
, something like:
main_title=%s website
main_subtitle=The biggest site in the segment of %s
main_footer=© %04d. All rights reserved
<?php
...
$idioma = $data['usuario_idioma'];
$parsed = parse_ini_file($idioma . '.ini');
?><!DOCTYPE html>
<html>
<head>
<title><?=printf($parsed['main_title'], 'Foo Bar')?></title>
</head>
<body>
<h1><?=printf($parsed['main_title'], 'Foo Bar')?></h1>
<h2><?=printf($parsed['main_subtitle'], 'tecnologia')?></h2>
<footer>
<?=printf($parsed['main_footer'], 'tecnologia')?>
</footer>
</body>
</html>
But this is just one example.
Database and queries
I personally disagree with the chosen answer that says this:
insert many variables into a string, query
At least in PHP specifically and if query refer to database, really has no advantage, this because in Apis mysqli and PDO there are bindParam/bindValue, because you do not use Binds with or without sprintf
you would have to escape variables to avoid sql-injectection or avoid syntax errors in the query, but with native Apis Binds it will be similar to sprintf
, for example in mysqli:
$stmt = mysqli_prepare($link, "INSERT INTO Log VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'ssdd', $user, $language, $score, $percent);
$user = 'Rcs';
$language = 'pt-BR';
$score = 10;
$percent = 11.2;
/* executa */
mysqli_stmt_execute($stmt);
Readability depending on the case right? I can’t imagine that one
sprintf
is more legible than aecho "Nome: $nome";
– Bacco