Programming Fundamentals/String Formatting

Overview
String formatting uses a process of string interpolation (variable substitution) to evaluate a string literal containing one or more placeholders, yielding a result in which the placeholders are replaced with their corresponding values.

Discussion
Most current programming languages provide one or more string formatting functions that use a template string with placeholders and optional alignment, width, and precision indicators to generate formatted output. String interpolation, like string concatenation, may lead to security problems. If user input data is improperly escaped or filtered, the system may be exposed to code injection.
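The risk described above, shown as an added example that is not part of the original page. It uses Python's standard sqlite3 module to contrast interpolating user input into a query string with binding it as a parameter, and uses format specifiers only for display. The table, function names, and sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory table holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, balance REAL)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", 1234.5), ("bob", 42.0)])
    return db


def lookup_interpolated(db, name):
    """Unsafe: the input is substituted into the SQL text, so quote
    characters in it become part of the statement that is parsed."""
    query = f"SELECT name, balance FROM users WHERE name = '{name}' ORDER BY name"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name):
    """Safe: the statement text is fixed and the driver binds the input
    as a value, so it is never parsed as SQL."""
    query = "SELECT name, balance FROM users WHERE name = ? ORDER BY name"
    return db.execute(query, (name,)).fetchall()


def report(rows):
    """Display formatting: left-align the name in 8 columns, right-align
    the balance in 10 columns with 2 digits of precision."""
    return [f"{name:<8}|{balance:>10.2f}" for name, balance in rows]


if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    for label, fn in (("interpolated", lookup_interpolated),
                      ("parameterized", lookup_parameterized)):
        print(label)
        for line in report(fn(db, crafted)):
            print("  " + line)
```

With the constructed input, the interpolated query returns every row in the table, while the parameterized query returns none because no user has that literal name.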

Key Terms

 * code injection
   The exploitation of a computer bug that is caused by processing invalid data.

 * formatting
   Modifying the way the output is displayed.

 * interpolation
   Variable substitution.

 * string interpolation
   Evaluating a string literal containing one or more placeholders, yielding a result in which the placeholders are replaced with their corresponding values.