Search

Laravel String Helper Function: equals

November 16, 2016 —John Koster

The equals method will determine if two strings are the same. The equals method implements a constant-time algorithm, meaning that the time it takes the method to complete does not necessarily increase as the size of the two inputs ($knownString and $userInput) increases. The method returns a boolean value, true if the strings are determined to be equal to one another or false if the strings are determined to not be equal to one another.

The signature for the equals helper method is:

equals($knownString, $userInput)

The following examples will highlight some example usage of the equals method. The returned result of the method will appear above the method call as a comment:

1use \Illuminate\Support\Str;
2 
3// true
4Str::equals('test string', 'test string');
5 
6// true
7Str::equals('', '');
8 
9// false
10Str::equals('AAA', 'aaa');
11 
12// true
13Str::equals(hash('sha256', md5('test')), hash('sha256', md5('test')));

As of Laravel version 5.2, the previous internal implementation of the equals helper method has been deprecated in favor of PHP's built in hash_equals function.

#Security Considerations

The equals method has the possibility of leaking length information about the given inputs if the supplied $knownString and $userInput are of different lengths using timing attacks. This is generally not a major issue, as preventing the leakage of length information is extremely difficult, if not impossible. The equals method does not leak information about the differences between the two strings.

For more information regarding this topic, refer to the following pages and articles:

Some absolutely amazing
people

The following amazing people help support this site and my open source projects ♥️
If you're interesting in supporting my work and want to show up on this list, check out my GitHub Sponsors Profile.