We have seen in class that loose comparison == of PHP equates (different) values of different types, i.e., values are the same after type juggling.
Comparing integers and strings
When a string is compared with an integer the string is converted into integer. For example:
"0000" == 0 TRUE "0e12" == 0 TRUE exponential notation! "1e12" == 1 FALSE exponential notation! "1a12" == 1 TRUE integer is cut to 1 "0abc" == 0 TRUE integer is cut to 0 "abc" == 0 TRUE no digits, converted to 0
Comparing strings that look like integers
When two strings look like integers then PHP convert them into integers. For example:
"0e12" == "0e34" TRUE exponential notation
"1e12" >= "2" TRUE exponential notation
"1e12" >= "b" FALSE lexicographic order ("b" does not look like an integer)
"0e12" == "0" TRUE exponential notation
0xF == "15" TRUE
"0xF" == "15" FALSE since version 7.0! (before, it was true!)
Loose comparison introduces unpredictable behaviours that might be exploited by an attacker to modify the application control-flow.
Exercise
WeChall is a great, classic resource with a lot of security challenges! Behave correctly and do not post your solutions on the Web
Try to solve the WeChall challenge php0818. The magic number you enter to solve the challenge (lowercase…) is your password for Task 2!