Security issues that may be referenced when comparing php characters with double equals

Title party !, The article is short. Haha! I studied php before. Php automatically performs similar conversions. This is a feature of php, not known as 0-day,

Perl.

Directly cutting the text, everyone who learns php knows the difference between "=" and "=". The former will automatically change the type when comparing different types of variables, the latter detects

Whether the variable types are consistent.

Var_dump (boolean) ""); // false
Var_dump (boolean) ''); // false
Var_dump (boolean) '0'); // false
Var_dump (boolean) '0. 0'); // true
Var_dump (boolean) 0.0); // false
Var_dump (boolean) array (); // false
// Var_dump (boolean) bar); // php 4.0
Var_dump (boolean) null); // null variable
// Var_dump (boolean) $ bar); // false

Var_dump (boolean) 0 = 1); // false
Var_dump (1 = 'bar'); // false
Var_dump (0 = 'bar'); // true
Var_dump (0 = 'bar'); // false
?>

In some cases, this small detail may cause security problems. For example, an identity bypass vulnerability in mysql, DZ XSS

Http://sebug.net/vuldb/ssvid-60198

First:

 

Let's take a look at an XSS of DZ 6.
 

If (! Empty ($ listgid) & ($ listgid = intval ($ _ GET ['listgid']) {// here, we use [=] instead of [=] For comparison, and $ listgid is not initialized :) $ type = $ adminid = 1? 'Grouplist': $ type;} else {$ listgid = ";}... $ Multipage = multi ($ num, $ memberperpage, $ page, "member. php? Action = list & listgid = $ listgid & srchmem = ". rawurlencode ($ srchmem)." & order = $ order & type = $ type ", $ membermaxpages );

$ Listgid = intval ($ _ GET ['listgid']) // true
We recommend that you use ===$ val ===$ val1 & return true;