November 16, 2016 —John Koster
The equals
method will determine if two strings are the same. The equals
method implements a constant-time algorithm, meaning that the time it takes the method to complete does not necessarily increase as the size of the two inputs ($knownString
and $userInput
) increases. The method returns a boolean value, true
if the strings are determined to be equal to one another or false
if the strings are determined to not be equal to one another.
The signature for the equals
helper method is:
equals($knownString, $userInput)
The following examples will highlight some example usage of the equals
method. The returned result of the method will appear above the method call as a comment:
1use \Illuminate\Support\Str; 2 3// true 4Str::equals('test string', 'test string'); 5 6// true 7Str::equals('', ''); 8 9// false10Str::equals('AAA', 'aaa');11 12// true13Str::equals(hash('sha256', md5('test')), hash('sha256', md5('test')));
As of Laravel version 5.2, the previous internal implementation of the equals
helper method has been deprecated in favor of PHP's built in hash_equals
function.
The equals
method has the possibility of leaking length information about the given inputs if the supplied $knownString
and $userInput
are of different lengths using timing attacks. This is generally not a major issue, as preventing the leakage of length information is extremely difficult, if not impossible. The equals
method does not leak information about the differences between the two strings.
For more information regarding this topic, refer to the following pages and articles:
∎
The following amazing people help support this site and my open source projects ♥️
If you're interesting in supporting my work and want to show up on this list, check out my GitHub Sponsors Profile.