lang:

PHP

regex:

if\s?\(\s?.*\s?(?<!\!)(?<!=)(?<!<)(?<!>)=(?!=)\s?('|").*('|")\s?\)

description:

Possible logic bug that could lead to security bugs. Assigning a static string to a variable in an if condition is not normal and is likely a mistake. Example: if($foo="bar") instead of if($foo=="bar"); to avoid this get in the habit of placing static strings on the left side of the comparison operator. Example: if("bar"==$foo). With this pattern the bug can be avoided as if("bar"=$foo) should cause a compile error.
tags:
logic bug
results