Overview

String formatting uses a process of string interpolation (variable substitution) to evaluate a string literal containing one or more placeholders, yielding a result in which the placeholders are replaced with their corresponding values.[1]

Discussion

Most current programming languages provide one or more string formatting functions that use a template string with placeholders and optional alignment, width, and precision indicators to generate formatted output.

Language Function Examples
C++ snprintf() snprintf(str, sizeof(str), "Hello %s!", name);
snprintf(str, sizeof(str), "$%.2f", value);
C# Format() String.Format("Hello {0}!", name);
String.Format("{0:$0.00}", value);
Java format() String.format("Hello %s!", name);
String.format("$%.2f", value);
JavaScript template literal `Hello ${name}`;
`$${value.toFixed(2)}`;
Python interpolation
(f-string)		 f"Hello {name}!"
f"${value:.2f}"
Swift interpolation
String()		 "Hello \(name)!"
String(format:"%.2f", value)

String interpolation, like string concatenation, may lead to security problems. If user input data is improperly escaped or filtered, the system may be exposed to code injection.[2]

Key Terms

code injection
The exploitation of a computer bug that is caused by processing invalid data.[3]
formatting
Modifying the way the output is displayed.
string interpolation
Evaluating a string literal containing one or more placeholders, yielding a result in which the placeholders are replaced with their corresponding values.

References

  1. Wikipedia: String interpolation
  2. Wikipedia: String interpolation
  3. Wikipedia: Code injection

License

Icon for the Creative Commons Attribution-ShareAlike 4.0 International License

Programming Fundamentals Copyright © 2018 by Authors and Contributors is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License, except where otherwise noted.

Share This Book