Vadimster Vadimster - 1 year ago 46
PHP Question

Same values are treated as different when comparing by !==

Jquery captures field input and POSTs to .php through AJAX. The fields are 'password' and 'confirmpassword'

PHP will call a method of an object with $_POST['password'] and $_POST['confirmpassword'] as arguments

The method has the following check amongst others:

} else if ($password !== $confirmPassword){
$response = 'Passwords do not match';
return $response;


Disregarding of what I input the response is ALWAYS "Passwords do not match".

I print values to error_log() just to be on the safe side and they are same, i.e. no modification happens.

Does anyone have any idea what is this behavior?


I did some more testing and it seems that the !== check works fine BEFORE variable are passed as arguments to a method of an object. However, after I pass these values as arguments to a class (added through 'require' to the page) something terrible happens...


Here is full code:

a) Jquery

var signupRegister = function(){
var username = $('#signup-username').val();
var email = $('#signup-email').val();
var password = $('#signup-password').val();
var confirmPassword = $('#signup-confirmpassword').val();

var data = {action:'signup', username:username, email:email, password:password, confirmPassword:confirmPassword};

url: 'php/ajaxhandler.php',
dataType: 'json',
type: 'post',
data: data,
success: function(response){


b) Ajax handler (note that commented out code works!)

if(isset($_POST['action']) && $_POST['action'] === 'signup'){ //REQUEST 1: validate client input and add player to DB
$player = new Player();
$db = new Database();

if($_POST['password'] !== $_POST['confirmPassword']){
$json['msg'] = 'mismatch';
echo json_encode($json);
} else {
$json['msg'] = 'match';
echo json_encode($json);



$result = $player -> validateAndSignup($db, $_POST['username'], $_POST['email'], $_POST['password'], $_POST['confirmPassword']);
if ($result){
$json['msg'] = $result;
echo json_encode($json);
} else {
error_log('Error in $player -> validateAndSignup()');

c) the actual method of the Player class

public function validateAndSignup($db, $username, $email, $password, $confirmPassword){
if($username === "" || $email == "" || $password = "" || $confirmPassword === ""){
$response = 'Username, email or password missing';
return $response;

} else if (strcmp($password, $confirmPassword) !== 0){
$response = 'Passwords do not match';
return $response;

} else if(preg_match("/[^A-Za-z0-9]/", $username)){
$response = 'Invalid characters in username';
return $response;



Answer Source

After adding your full code the problem is clear:

In this line

if($username === "" || $email == "" || $password = "" || $confirmPassword === ""){

you are setting $password to "".

Checking a empty string against the $confirmedPassword does not match.

Bonus: Use isset() to check if a string is empty instead of ===. (Explanation here)

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download