I made a php script to see if what the contents of a txt file are the same as the users input. I wrote an if statement to see if it is correct and if it isn't send it to an else. If i dont send any variables, then it works, and displays
a is b is file is 1
but if i enter the file and the correct contents it displays
a is test.txt b is hello file is hello 0
Here is my code
<?php
session_destroy();
$a=htmlspecialchars($_REQUEST['a']);
$b=htmlspecialchars($_REQUEST['b']);
$my_file = file_get_contents($a);
echo "a is $a
";
echo "b is $b
";
echo "file is $my_file
";
if ( $my_file == $b ) {
echo "1";
}else {
echo "0";
}
?>
Any ideas?
These are un-initialized variables, so if you enter nothing, then you're getting if (false == false) which is true.
This is because php interprets null as being false. It's weird, I acknowledge.
Either check to see if your variables have been set, or initialize them with defaults.
Try using htmlspecialchars function on the content you read from your file as well just to be on the safe side, then use trim on the input you read from a file and on the user input as well