User-Agent String String comparison using == operator in PHP

A new article comparing strings in PHP with the == operator recently published on Greg Beaver's blog mentioned issues worth noting when comparing strings with PHP's == operator.
　In some cases, PHP will convert numerical data (such as strings containing numbers, etc.) into numerical processing, and the == operator is one of them. When using the == operator to loosely compare two strings, PHP will convert the -like numeric string into a numeric value for comparison. The following experiment confirms this conclusion:
<span><span><br><span><? php</SPAN><BR><SPAN>var_dump</SPAN></SPAN><SPAN>(</SPAN><SPAN>'01' </SPAN><SPAN>== </SPAN><SPAN>1</SPAN><SPAN>);<BR></SPAN><SPAN><SPAN><SPAN>?></span><br></span></span> The output result of the above code is:
bool(true )
　 Therefore, when comparing strings, it is recommended to use the === operator to strictly check the string, or use functions such as strcmp() to avoid possible problems. The "PHP Type Comparison Table" in the PHP manual also explains this in detail.
In addition, the commonly used in_array() function also has weak type problems, see the following code:
<span><span><?php<br>var_dump</span><span>(</span><span>in_array</span><span>(</span><span>'01' </span><span>, array(</span><span>'1'</span><span>)));<br></span><span><span>?> PHP programmers who do security checks all know what kind of security problems this will cause, right? Fortunately, the </span><br>in_array() function provides us with a third parameter. Setting it to true can turn on the mandatory type checking mechanism of the </span></span>in_array() function, as shown in the following code:


var_dump(in_array
('01'<span><span>, array(<br></span>'1'<span></span>), <span></span>true<span></span>)); <span></span><span></span>?& gt;<span></span><span></span><span> </span>The output result is: <span>bool(false)<br></span><span>Since PHP is a weakly typed language, that is to say, the concept of data type is <span>weakened in PHP. Therefore, if you ignore the data type too much when programming (which is also a common problem among most PHP programmers), some problems will occur and even lead to security vulnerabilities. Finally, as the annoying saying goes, strictly check and filter external data. </span> The above introduces the use of User-Agent strings in PHP for string comparison using the == operator, including the content of User-Agent strings. I hope it will be helpful to friends who are interested in PHP tutorials. <br> </span> </span>