php[architect] logo

Want to check out an issue? Sign up to receive a special offer.

XHP: Inline XML For PHP

Posted by on February 10, 2010

Anyone developing with PHP quickly learns that PHP’s ability to generate HTML is both a blessing and a curse. While PHP supports the ability to generate dynamic websites and HTML, it often creates kludgy and difficult code. Facebook, one of the world’s largest consumers of PHP and fresh off their announcement of HipHop, has noted this problem as well, and decided to try and solve it by introducing XHP.

XHP, in a nutshell, is designed to augment the syntax of PHP to allow for inline XML to be included in PHP code. More simply put, XHP permits PHP to understand HTML syntax, eliminating the need for quotation marks, concatenation, escaping and all of the other headaches associated with including HTML directly into PHP code.

XHP also does one other amazing thing: it automatically makes your HTML safe. Rather than having to use the escape functions on your HTML to ensure that PHP variables are safe for output, XHP automatically does this, ensuring that anything you output will not result in an XSS or other malicious attack. This builds in security by default, and helps prevent accidental security holes.

Another feature of XHP is that it automatically detects mistakes in your markup at parse time, and reports them along with PHP markup mistakes. This means that it’s impossible to generate malformed pages using XHP, because it would generate a parser error rather than allow such a page to be displayed. XHP actually reads the HTML syntax, ensuring that your HTML is well-formed and correct.

Rasmus Lerdorf does a writeup of the performance implications related to XHP, pointing out that PHP does take a significant performance hit with it turned on. He also points out that PHP’s use of APC, along with HipHop probably mitigates this performance impact, but reminds people that they should consider the impact on their own applications before installing and using the extension themselves. That being said, it’s unlikely that XHP will remain the same forever; performance improvements are likely to continue, especially if other developers like and improve upon the existing extension.

XHP is available now for download on GitHub. Bear in mind you’ll need Flex for installation. You can also read the documentation for more information.


Marco is the keeper of keys and Chief Garbage Collector at Blue Parabola. He can be found on Twitter as @mtabini.

 

Responses and Pingbacks

The Xaraya CMS did something similar, but they added a lot of performance improvements. They start of with XML with template code in it, including variables and logic loops, function calls etc.
At the first request this XML is changed in as efficient PHP code as possible. At the next request the PHP cache is used.
It makes developing new modules for the CMS harder but webmasters can quickly create pages using template logic.

Leave a comment

Use the form below to leave a comment: