http://raz0r.name/vulnerabilities/simple...
----
Если коротко:

PHP documentation on type juggling:
> The value is given by the initial portion of the string. If the string starts with valid numeric data, this will be the value used. Otherwise, the value will be 0 (zero). Valid numeric data is an optional sign, followed by one or more digits (optionally containing a decimal point), followed by an optional exponent. The exponent is an ‘e’ or ‘E’ followed by one or more digits.

It means that if you compare a string «0e1337″ with a string «0″ they will be equal, because 0 power 1337 is zero.

#tiigzn

add comment recommend bookmark subscribe