“@/path/to/a/file” in PHP, what does it mean?

Question

I have stumbled to following code example:

$image = \'file/path\';
$code = $tmhOAuth->request(\'POST\', \'https://upload.twitter.com/1/statuses/update_with_me         


        

Answer 1

The {$expression} syntax is one way to embed a variable or expression in a string in PHP, like the #{expression} syntax in Ruby.

So "@{$image}" is equivalent to '@'.$image.

The @ is used by the curl module to differenciate a regular POST variable value from a filename to upload. Your library must use the curl module internally or follow the same conventions.

When setting POST variables, if any value is prefixed with an @, it is considered to be a filename to upload:

curl_setopt($curl, CURLOPT_POSTFIELDS, array(
    'regular_variable' => 'value',
    'some_file' => '@/path/to/filename', // this is treated as a file to upload
));

This is not very well known and can lead to security issues if the programmer is not aware of this. This can be disabled by passing a query-string to CURLOPT_POSTFIELDS (http_build_query()).

This has no special meaning for PHP itself.