Summary: The key judgment, compare as far as possible use = = = Type and value comparison of the identity comparison
1.if ($var) $var follows the Boolean conversion.
When converted to Boolean, the following values are considered FALSE
:
- The Boolean value
FALSE
itself
- Integer value 0 (0)
- Floating-point value 0.0 (0)
- An empty string, and the string "0"
- An array that does not include any elements
- Objects that do not include any member variables (PHP 4.0 only applies)
- Special type NULL (including variables that have not been assigned)
- SimpleXML object generated from an empty tag
2. String active transformation (int) or intval (): Will convert from the beginning of the string to know that a non-numeric character is encountered. Even if there is a string that cannot be converted, intval () does not error but returns 0.
3. Compare = =, hidden string shaping conversion principle: a. When a comparison operation is encountered, the string is parsed as a scientific notation if it encounters a 0e\d+ string. B. When one of the strings is at the beginning of 0x, PHP parses the string into decimal and then compares it.
"0E1ABC" = = "0"//false
"0x1e240" = = "123456"//true
"0x1e240" ==123456//true
"0e132456789" = = "0e7124511451155"//true
4. Note that Switch,array_search () is loosely compared to In_array () to determine the problem.
Summary of PHP data security issues