php帮助理解这一行的作用,或者转换为C#

if (strrpos($_POST['security_data'], $OrderReference) === false || 
    md5($_POST['security_data'] . $sekey) != $_POST['security_hash']) 
{ 
  return; 
}

I don't understand why is strrpos in there and === "3 equals" and what is the dot "." doing in $_POST['security_data'] . $sekey

Thank You

Here's a translation to C#:

string hash = MD5.Create().ComputeHash(Request.Form["security_data"] + sekey);    
if (!Request.Form["security_data"].Contains(OrderReference) 
    || hash != Request.Form["security_hash"])
{
     return;
}

strrpos returns the position of the substring.

echo strrpos("Hello", "e"); // outputs `1`

. is concatenation.

echo "Hello "."There"; // outputs: 'Hello There'

=== checks type as well as equality.

var_dump(1 == true); // true
var_dump(1 === true); // false
  • strrpos returns false if the string isn't found (don't know which string in which, but the docs will tell you)
  • === compares type as well instead of just value. This is done so php doesn't to any casting, for example 0 == false (0 represents false in php as well) but 0 !== false as 0 isn't the same type as false.
  • the . is the concat operator in php.

strrpos is "return position of substring within a string, starting from the right (end) side". === is the PHP strict comparison, which compares type AND value. The strpos functions CAN return a legitimate 0 as a position, which is the very start of the string. But 0 evalutes to boolean FALSE in PHP, so the === check ensures that you're looing at a real false (strrpos found nothing) and not just "strrpos found string at position zero".

The dot (.) connects between 2 strings, and the 3 equals checks if the returned value is in the same type as what it compared to

If the contents of the variable $OrderReference are not found in the POST variable security_data, or the MD5 hash of the POST variable security_data, concatenated with (that's the . operator in PHP) the variable $sekey isn't equal to security_hash, return from the function.

=== is used to ensure that the return from strrpos() is the boolean FALSE rather than the possible valid return value of 0. === is for strict type comparison.