|  | Posted by Jerry Stuckle on 03/17/06 20:56 
Steve Chapel wrote:> Jerry Stuckle wrote:
 >
 >> pieter_hordijk@hotmail.com wrote:
 >>
 >>> Why are you using three equal signs?
 >>>
 >>> The following is enough:
 >>> if(($_POST['username'] == 'steven') && ($_POST['password'] ==
 >>> 'crocker'))
 >>>
 >>
 >> Three equal signs checks to ensure they are both the same type and the
 >> same value.
 >>
 >> Otherwise you can have the potential problem of the user entering a
 >> zero for username and password.  PHP could then try to compare as
 >> integers instead of strings - and convert 'steven' and 'crocker' to
 >> zero.  The comparison would then be true.
 >
 >
 > But because $_POST["username"] is a string, and 'steven' is a string, a
 > string comparison will be done with ==, and the problem you mention with
 > a numeric comparison won't happen, right? I just tried some PHP code
 > with a simple variable ($str) in place of $_POST["username"] set to "0",
 > and a string comparison is done.
 
 Steve,
 
 In this particular example, that's true - it will compare OK, at current
 versions of PHP.  But it's still a good habit to get into.
 
 --
 ==================
 Remove the "x" from my email address
 Jerry Stuckle
 JDS Computer Training Corp.
 jstucklex@attglobal.net
 ==================
  Navigation: [Reply to this message] |