Replacing variables in a string

Posted on

Replacing variables in a string – Here in this article, we will share some of the most common and frequently asked about PHP problem in programming with detailed answers and code samples. There’s nothing quite so frustrating as being faced with PHP errors and being unable to figure out what is preventing your website from functioning as it should like php and variables . If you have an existing PHP-based website or application that is experiencing performance issues, let’s get thinking about Replacing variables in a string.

I am working on a multilingual website in PHP and in my languages files i often have strings which contain multiple variables that will be later filled in to complete the sentences.

Currently i am placing {VAR_NAME} in the string and manually replacing each occurence with its matching value when used.

So basically :

{X} created a thread on {Y}

becomes :

Dany created a thread on Stack Overflow

I have already thought of sprintf but i find it inconvenient because it depends on the order of the variables which can change from a language to another.

And I have already checked How replace variable in string with value in php? and for now i basically use this method.

But i am interested in knowing if there is a built-in (or maybe not) convenient way in PHP to do that considering that i already have variables named exactly as X and Y in the previous example, more like $$ for a variable variable.

So instead of doing str_replace on the string i would maybe call a function like so :

$X = 'Dany';
$Y = 'Stack Overflow';
$lang['example'] = '{X} created a thread on {Y}';

echo parse($lang['example']);

would also print out :

Dany created a thread on Stack Overflow



The strings serve as templates and can be used multiple times with different inputs.

So basically doing "{$X} ... {$Y}" won’t do the trick because i will lose the template and the string will be initialized with the starting values of $X and $Y which aren’t yet determined.

Solution :

I’m going to add an answer here because none of the current answers really cut the mustard in my view. I’ll dive straight in and show you the code I would use to do this:

function parse(
    /* string */ $subject,
    array        $variables,
    /* string */ $escapeChar = '@',
    /* string */ $errPlaceholder = null
) {
    $esc = preg_quote($escapeChar);
    $expr = "/
      | $esc{
      | {(w+)}

    $callback = function($match) use($variables, $escapeChar, $errPlaceholder) {
        switch ($match[0]) {
            case $escapeChar . $escapeChar:
                return $escapeChar;

            case $escapeChar . '{':
                return '{';

                if (isset($variables[$match[1]])) {
                    return $variables[$match[1]];

                return isset($errPlaceholder) ? $errPlaceholder : $match[0];

    return preg_replace_callback($expr, $callback, $subject);

What does that do?

In a nutshell:

  • Create a regular expression using the specified escape character that will match one of three sequences (more on that below)
  • Feed that into preg_replace_callback(), where the callback handles two of those sequences exactly and treats everything else as a replacement operation.
  • Return the resulting string

The regex

The regex matches any one of these three sequences:

  • Two occurrences of the escape character, followed by zero or more occurrences of the escape character, followed by an opening curly brace. Only the first two occurrences of the escape character are consumed. This is replaced by a single occurrence of the escape character.
  • A single occurrence of the escape character followed by an opening curly brace. This is replaced by a literal open curly brace.
  • An opening curly brace, followed by one or more perl word characters (alpha-numerics and the underscore character) followed by a closing curly brace. This is treated as a placeholder and a lookup is performed for the name between the braces in the $variables array, if it is found then return the replacement value, if not then return the value of $errPlaceholder – by default this is null, which is treated as a special case and the original placeholder is returned (i.e. the string is not modified).

Why is it better?

To understand why it’s better, let’s look at the replacement approaches take by other answers. With one exception (the only failing of which is compatibility with PHP<5.4 and slightly non-obvious behaviour), these fall into two categories:

  • strtr() – This provides no mechanism for handling an escape character. What if your input string needs a literal {X} in it? strtr() does not account for this, and it would be substituted for the value $X.
  • str_replace() – this suffers from the same issue as strtr(), and another problem as well. When you call str_replace() with an array argument for the search/replace arguments, it behaves as if you had called it multiple times – one for each of the array of replacement pairs. This means that if one of your replacement strings contains a value that appears later in the search array, you will end up substituting that as well.

To demonstrate this issue with str_replace(), consider the following code:

$pairs = array('A' => 'B', 'B' => 'C');
echo str_replace(array_keys($pairs), array_values($pairs), 'AB');

Now, you’d probably expect the output here to be BC but it will actually be CC (demo) – this is because the first iteration replaced A with B, and in the second iteration the subject string was BB – so both of these occurrences of B were replaced with C.

This issue also betrays a performance consideration that might not be immediately obvious – because each pair is handled separately, the operation is O(n), for each replacement pair the entire string is searched and the single replacement operation handled. If you had a very large subject string and a lot of replacement pairs, that’s a sizeable operation going on under the bonnet.

Arguably this performance consideration is a non-issue – you would need a very large string and a lot of replacement pairs before you got a meaningful slowdown, but it’s still worth remembering. It’s also worth remembering that regex has performance penalties of its own, so in general this consideration shouldn’t be included in the decision-making process.

Instead we use preg_replace_callback(). This visits any given part of the string looking for matches exactly once, within the bounds of the supplied regular expression. I add this qualifier because if you write an expression that causes catastrophic backtracking then it will be considerably more than once, but in this case that shouldn’t be a problem (to help avoid this I made the only repetition in the expression possessive).

We use preg_replace_callback() instead of preg_replace() to allow us to apply custom logic while looking for the replacement string.

What this allows you to do

The original example from the question

$X = 'Dany';
$Y = 'Stack Overflow';
$lang['example'] = '{X} created a thread on {Y}';

echo parse($lang['example']);

This becomes:

$pairs = array(
    'X' = 'Dany',
    'Y' = 'Stack Overflow',

$lang['example'] = '{X} created a thread on {Y}';

echo parse($lang['example'], $pairs);
// Dany created a thread on Stack Overflow

Something more advanced

Now let’s say we have:

$lang['example'] = '{X} created a thread on {Y} and it contained {X}';
// Dany created a thread on Stack Overflow and it contained Dany

…and we want the second {X} to appear literally in the resulting string. Using the default escape character of @, we would change it to:

$lang['example'] = '{X} created a thread on {Y} and it contained @{X}';
// Dany created a thread on Stack Overflow and it contained {X}

OK, looks good so far. But what if that @ was supposed to be a literal?

$lang['example'] = '{X} created a thread on {Y} and it contained @@{X}';
// Dany created a thread on Stack Overflow and it contained @Dany

Note that the regular expression has been designed to only pay attention to escape sequences that immediately precede an opening curly brace. This means that you don’t need to escape the escape character unless it appears immediately in front of a placeholder.

A note about the use of an array as an argument

Your original code sample uses variables named the same way as the placeholders in the string. Mine uses an array with named keys. There are two very good reasons for this:

  1. Clarity and security – it’s much easier to see what will end up being substituted, and you don’t risk accidentally substituting variables you don’t want to be exposed. It wouldn’t be much good if someone could simply feed in {dbPass} and see your database password, now would it?
  2. Scope – it’s not possible to import variables from the calling scope unless the caller is the global scope. This makes the function useless if called from another function, and importing data from another scope is very bad practice.

If you really want to use named variables from the current scope (and I do not recommend this due to the aforementioned security issues) you can pass the result of a call to get_defined_vars() to the second argument.

A note about choosing an escape character

You’ll notice I chose @ as the default escape character. You can use any character (or sequence of characters, it can be more than one) by passing it to the third argument – and you may be tempted to use since that’s what many languages use, but hold on before you do that.

The reason you don’t want to use is because many languages use it as their own escape character, which means that when you want to specify your escape character in, say, a PHP string literal, you run into this problem:

$lang['example'] = '\{X}';   // results in {X}
$lang['example'] = '\{X}';  // results in Dany
$lang['example'] = '\\{X}'; // results in Dany

It can lead to a readability nightmare, and some non-obvious behaviour with complex patterns. Pick an escape character that is not used by any other language involved (for example, if you are using this technique to generate fragments of HTML, don’t use & as an escape character either).

To sum up

What you are doing has edge-cases. To solve the problem properly, you need to use a tool capable of handling those edge-cases – and when it comes to string manipulation, the tool for the job is most often regex.

Here’s a portable solution, using variable variables. Yay!

$string = "I need to replace {X} and {Y}";
$X = 'something';
$Y = 'something else';

preg_match_all('/{(.*?)}/', $string, $matches);           

foreach ($matches[1] as $value)
    $string = str_replace('{'.$value.'}', ${$value}, $string);

First you set up your string, and your replacements. Then, you perform a regular expression to get an array of matches (strings within { and }, including those brackets). Finally, you loop around these and replace those with the variables you created above, using variable variables. Lovely!

Just thought I’d update this with another option even though you’ve marked it as correct. You don’t have to use variable variables, and an array can be used in it’s place.

$map = array(
    'X' => 'something',
    'Y' => 'something else'

preg_match_all('/{(.*?)}/', $string, $matches);           

foreach ($matches[1] as $value)
    $string = str_replace('{'.$value.'}', $map[$value], $string);

That would allow you to create a function with the following signature:

public function parse($string, $map); // Probably what I'd do tbh

Another option thanks to toolmakersteve in the comments does away with the need for a loop and uses strtr, but requires minor additions to the variables and single quotes instead of double quotes:

$string = 'I need to replace {$X} and {$Y}';

$map = array(
    '{$X}' => 'something',
    '{$Y}' => 'something else'

$string = strtr($string, $map);

If you’re running 5.4 and you care about being able to use PHP’s builtin variable interpolation in the string, you can use the bindTo() method of Closure like so:

// Strings use interpolation, but have to return themselves from an anon func
$strings = [
    'en' => [
        'message_sent' => function() { return "You just sent a message to $this->recipient that said: $this->message."; }
    'es' => [
        'message_sent' => function() { return "Acabas de enviar un mensaje a $this->recipient que dijo: $this->message."; }

class LocalizationScope {
    private $data;

    public function __construct($data) {
        $this->data = $data;

    public function __get($param) {
        if(isset($this->data[$param])) {
            return $this->data[$param];

        return '';

// Bind the string anon func to an object of the array data passed in and invoke (returns string)
function localize($stringCb, $data) {
    return $stringCb->bindTo(new LocalizationScope($data))->__invoke();

// Demo
foreach($strings as $str) {
    var_dump(localize($str['message_sent'], array(
        'recipient' => 'Jeff Atwood',
        'message' => 'The project should be done in 6 to 8 weeks.'

//string(93) "You just sent a message to Jeff Atwood that said: The project should be done in 6 to 8 weeks."
//string(95) "Acabas de enviar un mensaje a Jeff Atwood que dijo: The project should be done in 6 to 8 weeks."

(Codepad Demo)

Perhaps, it feels a bit hacky, and I don’t particularly like using $this in this instance. But you do get the added benefit of relying on PHP’s variable interpolation (which allows you to do things like escaping, that are difficult to achieve with regex).

EDIT: Added LocalizationScope, which adds another benefit: no warnings if localization anonymous functions try to access data that was not provided.

strtr is probably a better choice for this kind of things, because it replaces longest keys first:

$repls = array(
  'X' => 'Dany',
  'Y' => 'Stack Overflow',

foreach($data as $key => $value)
  $repls['{' . $key . '}'] = $value;

$result = strtr($text, $repls);

(think of situations where you have keys like XX and X)

And if you don’t want to use an array and instead expose all variables from the current scope:

$repls = get_defined_vars();

If your only issue with sprintf is the order of the arguments you can use argument swapping.

From the doc (

$format = 'The %2$s contains %1$d monkeys';
echo sprintf($format, $num, $location);

gettext is a widely used universal localization system that does exactly what you want.
There are libraries for most programming languages and PHP has a built-in engine.
It is driven by po-files, simple text based format, for which there are many editors around and it is compatible with sprintf syntax.

It even has some functions to deal with things like complicated plurals that some languages have.

Here are some examples of what it does. Note that _() is an alias for gettext():

  • echo _('Hello world'); // will output hello world in the current selected language
  • echo sprintf(_("%s has created a thread on %s"), $name, $site); // translates the string, and hands it over to sprintf()
  • echo sprintf(_("%2$s has created a thread on %1$s"), $site, $name); // same as above, but with changed order of parameters.

If you have more than a handful of strings, you should definitely use an existing engine, rather than writing your own one.
Adding a new language is just a matter of translating a list of strings and most professional translation tools can work with this file format, too.

Check Wikipedia and the PHP documentation for a basic overview on how this works:

Google finds heaps of documentation and your favourite software repository will most likely have a handful of tools for managing po-files.

Some that I have used are:

  • poedit: Very light and simple. Good if you don’t have too much stuff to translate and don’t want to spend time thinking about how that stuff works.
  • Virtaal: A bit more complex and has a bit of a learning curve, but also some nice features that make your life easier. Good if you need to translate a lot.
  • GlotPress is a web application (from the wordpress people) that allows collaborative editing of the translation database files.

Why not use str_replace then? If you want it as template.

echo str_replace(array('{X}', '{Y}'), array($X, $Y), $lang['example']);

for every occurrence of this that you need

str_replace was built for this in the first place.

How about defining the “variable” parts as an array with keys corresponding to the placeholders in your string?

$string = "{X} created a thread on {Y}";
$values = array(
   'X' => "Danny",
   'Y' => "Stack Overflow",

echo str_replace(
   array_map(function($v) { return '{'.$v.'}'; }, array_keys($values)),

Why can’t you just use the template string within a function?

function threadTemplate($x, $y) {
    return "{$x} created a thread on {$y}";
echo threadTemplate($foo, $bar);


$X = 'Dany';
$Y = 'Stack Overflow';
$lang['example'] = "{$X} created a thread on {$Y}";


echo $lang['example'];

Will output:

Dany created a thread on Stack Overflow

As you requested.


As per the OP’s comments about making the solution more portable:

Have a class do the parsing for you each time:

class MyParser {
  function parse($vstr) {
    return "{$x} created a thread on {$y}";

That way, if the following occurs:

$X = 3;
$Y = 4;

$a = new MyParser();
$lang['example'] = $a->parse($X, $Y);

echo $lang['example'];

Which will return:

3 created a thread on 4;

And, double checking:

$X = 'Steve';
$Y = 10.9;

$lang['example'] = $a->parse($X, $Y);

Will print:

Steve created a thread on 10.9;

As desired.


As per the OP’s comments about improving portability:

class MyParser {
  function parse($vstr) {
    return "{$vstr}";

$a = new MyParser();

$X = 3;
$Y = 4;
$vstr = "{$X} created a thread on {$Y}";

$a = new MyParser();
$lang['example'] = $a->parse($vstr);

echo $lang['example'];

Will output the results cited previously.

$lang['example'] = "$X created a thread on $Y";

just throwing another solution in using associative arrays. This will loop through the associative array and either replace the template or leave it blank.


$list = array();
$list['X'] = 'Dany';
$list['Y'] = 'Stack Overflow';

$str = '{X} created a thread on {Y}';

$newstring = textReplaceContent($str,$list);

    function textReplaceContent($contents, $list) {

                while (list($key, $val) = each($list)) {
                    $key = "{" . $key . "}";
                    if ($val) {
                        $contents = str_replace($key, $val, $contents);
                    } else {
                        $contents = str_replace($key, "", $contents);
                $final = preg_replace('/[w+]/', '', $contents);

                return ($final);

Leave a Reply

Your email address will not be published. Required fields are marked *