Perl thinks all strings are equal

Question

Edit: I did try using eq instead of == earlier, and it did not work. For some reason now it does. It's possible that there was another error at that point which prevented it from working, but now this has been resolved. Thank you.

I'm trying to do some simple validation. I want to make sure the redirect url being fed through a variable begins with a particular site or not. If it does, the redirect goes through, if not, it redirects to the root of the site. Seems pretty straight forward, right?

$redir = $input{'redirect'};
$redir_sub = substr($redir, 0, 21);
if ($redir_sub == "http://www.mysite.com") {
     print "Location: $redir \n\n";
}else{
     print "Location: http://www.mysite.com \n\n";
}

The thing is, no matter what variable I place in there, it the "if" returns as true. I could put my favorite webcomic in there and it'll redirect to it, despite the string not matching. For example this:

$redir = $input{'redirect'};
$redir_sub = "http://www.yahoo.com"
if ($redir_sub == "http://www.mysite.com") {
     print "Location: $redir_sub \n\n";
}else{
     print "Location: http://www.mysite.com \n\n";
}

That redirects to yahoo! What is going on?

Answer 1

Operator == is used to compare numbers. You should replace it with operator eq

Answer 2

if ($redir_sub == "http://www.mysite.com")

should be

if ($redir_sub eq "http://www.mysite.com")

as eq is string equality operator, and using == forces number comparison so in this case condition always evaluates to trues as 0 == 0 is true.

Answer 3

TL;DR: use eq not ==!

---

Perl as a language seems to have a problem: It uses the same data type (the scalar) for a lot of different things, including strings and numbers. A scalar is both at the same time, not just one of those. Perl has no type annotations, and there is no way to indicate if a variable holds a string or a number.

This produces problems when we consider equality tests. Assuming two scalars $a = "42.0" and $b = 42. Are they equal? Yes and no:

• The strings "42" and "42.0" are not the same thing! These are not equal.
• The numbers 42 and 42.0 are equal!

As indicated above, Perl does not use a type system to solve this ambiguity. Rather, it uses different sets of operators for string and numeric operations:

eq ne lt le gt ge cmp
== != <  <= >  >= <=> 

Answer 4

Your problem is that you are not using

use warnings;

Which is why Perl is allowing you to make this mistake. You are using the numeric equality operator to compare strings. Hence, Perl first tries to convert each parameter to a number. And since your strings do not begin with numbers (and do not look like numbers), they are converted to zero 0. Hence your expression

if ($redir_sub == "http://www.mysite.com")

Really means this

if (0 == 0)

Which of course always returns true.

If you had been using warnings, you would have gotten the errors:

Argument "http..." isn't numeric in numeric eq (==) at ...
Argument "http..." isn't numeric in numeric eq (==) at ...

Which would have been a hint as to your problem that you should be using eq and not == to compare strings.

Answer 5

== does numeric comparison. eq does string comparison. When you use a string as a number, perl passes your string through your c library's aton(). So you're really asking your computer if 0 == 0 which is true.