Use the PHP operator to compare strings. The output result of the above code is: bool (true). Therefore, when comparing strings, we recommend that you use the PHP operator to strictly check strings, or use functions such as strcmp ().The output result of the above code is:
Bool (true). Therefore, when comparing strings, we recommend that you use the PHP operator = to strictly check strings or use functions such as strcmp, this avoids possible problems.
In addition, common in_array () functions also have weak types. See the following code:
- < ?php
- var_dump(in_array('01', array('1')));
- ?>
The output result of the above code is:
Bool (true)
I believe that PHP programmers who have used this function for security checks all know what security issues will occur? Fortunately, the in_array () function provides us with the third parameter. setting it to true enables the forced type check mechanism of the in_array () function, as shown in the following code:
- < ?php
- var_dump(in_array('01', array('1'), true));
- ?>
Output result:
Bool (false)
Since PHP is a weak language, the concept of data type is weakened in PHP. Therefore, if the data type is excessively neglected during programming (which is also a common problem for most PHP programmers), Some problems may occur and even cause security vulnerabilities. At the end of the introduction of the PHP operator =, if that sentence is annoying, it will strictly check and filter external data.
Bool (true). Therefore, when comparing strings, we recommend that you use the PHP operator = to strictly check strings, or use strcmp () and other functions from...