|
Posted by Jerry Stuckle on 03/20/06 04:40
Shelly wrote:
> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
> news:tfGdnWvTPJxom4bZRVn-qg@comcast.com...
>
>>Steve Chapel wrote:
>>
>>>Jerry Stuckle wrote:
>>>
>>>
>>>>pieter_hordijk@hotmail.com wrote:
>>>>
>>>>
>>>>>Why are you using three equal signs?
>>>>>
>>>>>The following is enough:
>>>>>if(($_POST['username'] == 'steven') && ($_POST['password'] ==
>>>>>'crocker'))
>>>>>
>>>>
>>>>Three equal signs checks to ensure they are both the same type and the
>>>>same value.
>>>>
>>>>Otherwise you can have the potential problem of the user entering a zero
>>>>for username and password. PHP could then try to compare as integers
>>>>instead of strings - and convert 'steven' and 'crocker' to zero. The
>>>>comparison would then be true.
>>>
>>>
>>>But because $_POST["username"] is a string, and 'steven' is a string, a
>>>string comparison will be done with ==, and the problem you mention with
>>>a numeric comparison won't happen, right? I just tried some PHP code with
>>>a simple variable ($str) in place of $_POST["username"] set to "0", and a
>>>string comparison is done.
>>
>>Steve,
>>
>>In this particular example, that's true - it will compare OK, at current
>>versions of PHP. But it's still a good habit to get into.
>
>
> Maybe it is the "C" (and Java) in me, but I always compare with
>
> if (!strcmp(first, second))
>
> or strcasecmp. That way I am always sure I am comparing the contents of
> strings. (Am I wasting my effort?)
>
> Shelly
>
>
Shelly,
$first === $second
does the same thing.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
[Back to original message]
|