If anyone is wondering why: PHP's strpos() returns “false” when the second string argument does not occur as a substring of the first argument, and returns 0 when the second string argument occurs at position 0 of the first string argument. Thus, strpos( “/admin”, “/admin” ) returns 0, but strpos( “Cabbage/admin”, “/admin” ) will return a positive integer.
You're supposed to test the return value explicitly: “if( strpos( $a, $b ) !== false)”, but it only says that like five times in giant red letters on the manual page (http://us2.php.net/strpos) so it's easy to see how someone could miss it.
“Re: Cabbage Based Authentication [1]”
Besides being reason #3.1415926 for hating PHP [2], this is a further example of my dislike for dynamically typed languages (and muddled thinking [3]). What we have here is a function that returns a positive integer if we find one string within another, but a boolean otherwise. This mixing of return types is futher compounded by the fact that in PHP, an integer value of 0 is also treated as the boolean “false” value.
So let's not fix strpos() to return something sane, like -1 for “string not found,” let's instead extend the langauge with a silly “boolean only comparison” to fix this particular problem.
I would really love to know what Rasmus Lerdorf was smoking [4] …
=> [1] http://worsethanfailure.com/Comments/Cabbage_Based_Authentication.aspx# | [2] /boston/2004/11/11.3 | [3] /boston/2006/06/05.1 | [4] /boston/2005/03/08.2
=> Gemini Mention this post | Contact the author This content has been proxied by September (3851b).Proxy Information
text/gemini