Variable variables in PHP – What is their purpose?

In PHP there’s a functionality officially called “Variable Variables” where one can assign variable variables. A variable variable takes the value of one variable as the name for a new variable! For example:

$name='Joe';
$$name='Smith'; // could also be written as ${$name}='Smith'

The first variable $name contains the value ‘Joe’, while the second is variable named $Joe with the value ‘Smith’. Take into account that PHP variables are case-sensitive!

I’ve never used this functionality and do not see the purpose for that. Could someone explain to me where this functionality could be exploited as a good practise?

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Sometimes we need software that is extremely flexible and that we can parametrize. You have to prepare the whole thing, of course, but part of it just comes from user input, and we have no time to change the software just because the user needs a new input.

With variable variables and variable functions you can solve problems that would be much harder to solve without them.

Quick Example:

Without variable variables:

$comment = new stdClass(); // Create an object

$comment->name = sanitize_value($array['name']);
$comment->email = sanitize_values($array['email']);
$comment->url = sanitize_values($array['url']);
$comment->comment_text = sanitize_values($array['comment_text']);

With variable variables

$comment = new stdClass(); // Create a new object


foreach( $array as $key=>$val )
{
    $comment->$key = sanitize_values($val);
}

Solution 2

This has some uses when referencing variables within classes, and there are some cases where these can actually be required (such as in __get(), __set(), __isset(), and __unset()). However, in most cases it is unwise to use them on global variables.

Be aware that you should NEVER directly accept end-user input when it comes to variable variables. Instead a wrapper function should be used to ensure that only specific inputs are allowed.

In most cases, variable variables are not required, and it is recommended that you avoid them when possible.

Solution 3

You can use for something like

$labels = array( 'first_name" => 'First Name", 'middle_name" => 'Middle Name", 'last_name" => 'Last Name", 'phone" => 'Phone");
        foreach($labels as $field => $label)
        {
        echo '<div id='field'><label for='$field'>$label</label>
        <input id='$field' name='$field' type='text' value='".$$field."' /></div>";       
        }

In my opinion is bad old school…

Solution 4

According to @Faiz answer (which I accepted as the formal answer to my question) I created the following sample example.

If I had the class Customer:

class Customer
{
  public $firstname;
  public $lastname;
  public $country;
  public $gender;
  ...
}

and the web HTML form with INPUT/SELECT fields having names ‘firstname’,’lastname’,’country’, ‘gender’…

<form action="..." method="post">
  <input type="text" name="firstname" value="" />
  <input type="text" name="lastname" value="" />
  <select name="country">
    <option value="AL">Albania</option>
    <option value="BE">Belgium</option>
    <option value="HR">Croatia</option>
    ...
  </select>
  <input type="radio" name="gender" value="M" />Man
  <input type="radio" name="gender" value="F" />Woman
  ...
  <input type="submit" value="Submit" />
</form>

usually in my action script I would map these form fields into class variables one by one as:

$Customer=new Customer();
$Customer->firstname=$_POST['firstname'];
$Customer->lastname=$_POST['lastname'];
$Customer->country=$_POST['country'];
$Customer->gender=$_POST['gender'];
...
$Customer->create();

But using variable variables I can easily map all associative array values (there could be a lot of them which is error prone) into class variables using the following one line foreach loop;

$Customer=new Customer();
foreach($_POST as $key=>$value) $Customer->$key=$value;
$Customer->create();

Note: For the sake of answer (logic) simplicity and clearness I omitted $_POST values sanitization.

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply