PHP ZCE mock test, interview preparation, daily lessons under chalk talk

Thursday, December 20, 2012

Weird comparison of a string in PHP




Say there is a dropdown named message as
<select name='message'>
<option value=0>Please select Message</option>
<option value='decoded'>Decoded</option>
<option value='processing'>Processing</option>
</select>


Now I want to validate the form and throw an error if the user didn't select anything. What I wrote is:


if($message == 0)
{
echo "Error!!!";
echo "Message is not yet received";
}



Can you see anything wrong in this code?
What's happening is, for all selected values of message drop down, it throws an error!!!

it's quite surprising ... :-O


Any guesses on why is it happening...


Let me tell you...
The reason is that when comparing $message with 0, where 0 is an int, PHP converts the string to an int. That is, it compares
(int) $message to 0.



To my full surprise, integer casting of any string yields 0. That is why, for all selected values, the comparison gets bypassed.


The solution to this is:

if($message == '0')
{
echo "Error!!!";
echo "Message is not yet received";
}
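
An added example (not code from the original post) that validates the dropdown with strict comparison against an allowlist instead of `==`. The function name `validate_message()` and the sample inputs are assumptions made for illustration, and the nullable return type needs PHP 7.1 or later.

```php
<?php
// Added example: validate the 'message' dropdown without loose (==) comparison.
// validate_message() and the sample inputs are hypothetical, constructed here.

function validate_message($raw): ?string
{
    // Allowlist of the real option values from the form; '0' is only the placeholder.
    $allowed = ['decoded', 'processing'];

    // Form fields normally arrive as strings, but a client can send message[]=x,
    // which PHP turns into an array. Reject anything that is not a string.
    if (!is_string($raw)) {
        return null;
    }

    // The third argument (true) makes in_array() compare with ===,
    // so no string-to-number conversion takes place.
    return in_array($raw, $allowed, true) ? $raw : null;
}

// Constructed inputs: the placeholder, both valid options, and values a client could forge.
$samples = ['0', 'decoded', 'processing', '', '0.0', 'other', ['decoded']];

foreach ($samples as $raw) {
    $result = validate_message($raw);
    printf("%-14s => %s\n", json_encode($raw), $result === null ? 'rejected' : 'accepted');
}

// The original bug in isolation. On PHP 7 and earlier the string is cast to int
// before comparing, so this is true; PHP 8 compares as strings and it is false.
var_dump('decoded' == 0);

// Strict comparison checks type as well as value: false on every PHP version.
var_dump('decoded' === 0);

// Loose comparison still juggles between two numeric strings: this is true,
// so a forged '0.0' would pass an == '0' check. The allowlist above rejects it.
var_dump('0.0' == '0');
```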

Wednesday, December 19, 2012

Avoid two users trying to access with same session cookie data?

How would you avoid two users trying to access with the same session cookie data?

This is the same as asking how you would avoid Session Fixation or Session Hijacking.



Solution:
  1. Regenerate the session ID on each user request, i.e. call session_regenerate_id() at the beginning of each request.
  2. Fix the active time of a session. If a user has been logged in for longer than the timeout value, automatically log the user off.
  3. Check the 'browser fingerprint' on each request. This is a hash, stored in a $_SESSION variable, comprising some combination of the user-agent header, client IP address, a salt value, and/or other information.
  4. Check the referrer: this does not work for all systems, but if we know that users of this site must be coming from some known domain, we can discard sessions tied to users from elsewhere.







Below is sample code to implement this.


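$timeout = 3 * 60; // 3 minutes
// The user-agent header is optional, so fall back to an empty string
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$fingerprint = md5('SECRET-SALT' . $userAgent);
session_start();
// Session has been idle for longer than the timeout
$expired = isset($_SESSION['last_active']) && (time() > ($_SESSION['last_active'] + $timeout));
// Strict !== here: loose != can treat two different numeric-looking hashes as equal
$mismatch = isset($_SESSION['fingerprint']) && $_SESSION['fingerprint'] !== $fingerprint;
if ($expired || $mismatch || isset($_GET['logout']))
{
    do_logout(); // application-defined logout routine
}
// Passing true deletes the old session, so the previous ID stops working
session_regenerate_id(true);
$_SESSION['last_active'] = time();
$_SESSION['fingerprint'] = $fingerprint;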




Wednesday, December 5, 2012

git resolve merge or rebase conflicts

When you do a rebase or merge on your local git repository, there is a chance that a snippet of code changed by you has also been changed by one of your colleagues.



If such a case occurs, git has no clue which one to choose and which one to reject. You need to dig into the files, see the changes and decide which one to keep. Git helps us in doing so by means of two files.

1. It creates file_with_conflict.php.orig --> it contains your local, original file before the merge happened.


2. file_with_conflict.php --> it notifies you of the changes done by your colleague and how they contradict your changes.


3. You will find the symbols below in file_with_conflict.php

<<<<<<< HEAD
changes in your local repository
=======
changes done by your colleague
>>>>>>> commit name of your colleague


4. The meanings of these notations are as follows:

<<<<<<<: Indicates the start of the lines that had a merge conflict. The first set of lines are the lines from the file that you were trying to merge the changes into.

=======: Indicates the break point used for comparison. It separates the changes the user has committed (above) from the changes coming from the merge (below) so the differences can be seen visually.

>>>>>>>: Indicates the end of the lines that had a merge conflict.



If you find it helpful or if you have any queries, please leave your valuable comments.

Tuesday, December 4, 2012

git remove untracked files from git status

git clean -f

git-clean - Remove untracked files from the working tree

git clean [-d] [-f] [-n] [-q] [-e <pattern>] [-x | -X] [--] <path>…