WarpConduit Computing

  • Quick Tips
  • Web Design & Development
  • Graphic Design
  • Home
  • WordPress Plugins
  • Password Generator
  • About
  • Contact

Loose comparisons with ==

May 1, 2015 by Josh Hartman

UPDATE (2/17/2022): String-to-number loose comparisons have changed with the release of PHP 8.0. See https://www.php.net/manual/en/migration80.incompatible.php for more information. The information below relates to PHP versions prior to PHP 8.0.

My ZCE studies didn’t expose me to these edge cases, well except for the first one.

If you use == watch out for these and related:


<?php
echo ((0 == 'hello') ? 'true' : 'false').PHP_EOL; //true
echo ((0 == '1hello') ? 'true' : 'false').PHP_EOL; //false
echo (('0' == '0e0') ? 'true' : 'false').PHP_EOL; //true
echo (('0' == '0e0e') ? 'true' : 'false').PHP_EOL; //false
echo (('0' == '0ee') ? 'true' : 'false').PHP_EOL; //false
echo ((0 == '0x0') ? 'true' : 'false').PHP_EOL; //true
echo ((0 == '0x0x') ? 'true' : 'false').PHP_EOL; //true
echo ((0 == '0x0b') ? 'true' : 'false').PHP_EOL; //false
?>

Whoa, we don’t want any of these to return true, what’s a developer to do?

Strict comparisons with ===


<?php
echo ((0 === 'hello') ? 'true' : 'false').PHP_EOL; //false
echo ((0 === '1hello') ? 'true' : 'false').PHP_EOL; //false
echo (('0' === '0e0') ? 'true' : 'false').PHP_EOL; //false
echo (('0' === '0e0e') ? 'true' : 'false').PHP_EOL; //false
echo (('0' === '0ee') ? 'true' : 'false').PHP_EOL; //false
echo ((0 === '0x0') ? 'true' : 'false').PHP_EOL; //false
echo ((0 === '0x0x') ? 'true' : 'false').PHP_EOL; //false
echo ((0 === '0x0b') ? 'true' : 'false').PHP_EOL; //false
?>

Much better.

Learn more at http://php.net/manual/en/types.comparisons.php

Filed Under: Quick Tips Tagged With: comparisons, loose, php, strict, type

Escape HTML Function for Browser Output Prevents XSS (Cross-Site Scripting)

April 20, 2013 by Josh Hartman

I don’t know about you but my fingers get tired of escaping output by typing the long-winded htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); over and over again in small PHP projects that don’t need a full-blown framework with automatic output filtering (e.g. CodeIgniter). No matter how small your project is though filtering your output is extremely important so that you prevent malicious users from executing XSS (Cross-Site Scripting) JavaScript code.

So I decided to give my fingers some relief and finally write a short little helper function and share it. See the code and example in the gist below.

Filed Under: Web Design & Development Tagged With: escape, function, helper, html, htmlspecialchars, output, php, xss

Highly Secure Data Encryption & Decryption Made Easy with PHP, MCrypt, Rijndael-256, and CBC

April 14, 2013 by Josh Hartman

Random hexadecimal codes on a computer monitor.  Shallow depth of field.In various projects in the past I’ve had to revisit the topic of data encryption and decryption and the best way to accomplish it. In the interest of developing in the simplest, most efficient, and most secure way I have chosen the MCrypt PHP library (built-in to PHP since v4.0.2), Rijndael-256 cipher, and the Cipher Block Chaining (CBC) mode.

Previously I have used the Electronic CodeBook (ECB) mode, but have learned that it is far less secure than CBC because it creates the same hash every time for the same source data. CBC on the other hand creates a unique hash every time even for the same source data.

Anyways, below you’ll find my revised encrypt/decrypt functions with support for all PHP data types. [Read more…]

Filed Under: Web Design & Development Tagged With: cbc, cipher, decrypt, encrypt, mcrypt, php, rijndael

Automatically Embedding Video Using Only the URL With the Help of oEmbed

April 13, 2013 by Josh Hartman

One of my favorite functions of the WordPress editor is now the automatic embedding of video and other rich media by simply putting the URL on it’s own line. Really, it’s amazing!

Here is my rip of the WordPress code (found in the WP_Embed and WP_oEmbed classes) and assembled into a class named AutoEmbed. [Read more…]

Filed Under: Web Design & Development Tagged With: automatic, class, embed, html, media, photo, php, text, url, video, wordpress

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next Page »

Connect

  • Facebook
  • GitHub
  • RSS
  • Twitter
  • YouTube

Recent Posts

  • Extremely Useful Applications for Web Development and IT Tasks
  • Installing BookStack Wiki on cPanel Shared Hosting
  • Media (MIME) Type Reference List

Tags

automatic benchmark cbc cipher class comparisons cpanel credit memo css decrypt encrypt font gzip htaccess html image increment javascript jquery list magento mcrypt mysql number old opencart order php profiling random redirect repository rijndael shipment software strict ubuntu url wincachegrind windows windows 7 wordpress xampp xdebug xss

Blogroll

  • CodeIgniter
  • Fusion Forward
  • jQuery
  • Nettuts+
  • Smashing Magazine

© 2023 WarpConduit Computing. All Rights Reserved.