1

I'm programming both in JAVA and PHP. I got one problem with string comparison. Actually two strings that are the same (in my perspective) is not the same according to JAVA.

Background to problem:

I set a cookie using $userid_hash = sha1($row["profileId"].'helloworld'); along with $userid = $row["profileId"]. This is done to prevent a user from accessing another account.

The problem now is that I have some server code written in JAVA that is hashing the userid and comparing it with userid_hash. I print them out in the console. Both string is identical.

But the thing is I have wrapped the rest of the code around an if statement in case of any fraud attempts. And java is interpreting the strings as not the same, even though they is, according to my console in Eclipse. What can be the source of this problem?

I'm using this as my SHA1 hash Syntax wrong with my SHA1 code. I call it using "somestring".getBytes("UTF-8");. And my MySQL database is UTF-8 encoded also any strings I enter in Eclipse is also UTF-8 encoded. What have I done wrong? How can I locate the problem?

EDIT:

This is the println statement in java before comparison:

ab968f939a4869339b5cdb611674bdf4954f2f6a ab968f939a4869339b5cdb611674bdf4954f2f6a

EDIT:

If statement:

if(packageName.toSHA1((profileId+"secret").getBytes("UTF-8")) == profileId_ver)
Community
  • 1
  • 1
einstein
  • 13,389
  • 27
  • 80
  • 110
  • 4
    You haven't shared any code, so it's very difficult to help. "I have a problem, what's the solution?" doesn't help... Are you comparing Strings properly? don't use `==`, but `.equals()` – davin Mar 01 '11 at 19:26
  • What does your if statement look like? Are you using equalsIgnoreCase for the comparision? – blong824 Mar 01 '11 at 19:25

1 Answers1

12

Are you using .equals() instead of ==? == for strings tests that they're at the same location in memory, whereas .equals() checks that they're made of the same sequence of characters (which is what you'd want here).

Good:

if(string1.equals(string2))

Bad:

if(string1 == string2)
Owen
  • 1,541
  • 1
  • 14
  • 12
  • Ok it worked now! But why can't I use `==`? I'm new to JAVA as you might see. I also wondering if there is some PHP die() function equivalent in JAVA? In case you don't know the die() function in PHP, it stops compiling after the function is called. Than I don't have to wrap braces around a big code block – einstein Mar 01 '11 at 19:33
  • == doesn't (always) work because instead of checking that the strings are made of the same sequence of characters, it checks that they're in the same location in memory (I'm not exactly sure why that is...). Sometimes this evaluates to true - if you make two identical strings, Java might just make the second one a reference to the first one, so == will be true (strings are immutable, so there's no harm in that - if one string changes, it really becomes a new string). But it does mean that you need the 'deep' checking that .equals() allows. – Owen Mar 01 '11 at 19:37
  • 1
    == is 'object sameness' it returns true if 2 references point to the same object. equals() is logical equals -- it lets the programmer define what equals means given the objects. – hvgotcodes Mar 01 '11 at 19:42
  • Not one I would recommend using. :P – Owen Mar 01 '11 at 19:42
  • @thasc: A simple `return;` is the same as die() in PHP, at least in practice – einstein Mar 01 '11 at 19:47
  • @thasc "Because that's just how it is" (which is related to Java's lack of operator overloading, I suspect -- although, "why not just add another special-case?" ;-) –  Mar 01 '11 at 19:49
  • @thasc: I think your answer was so good that the other three dissapeared! – einstein Mar 01 '11 at 19:54