TLDR: checking passwords in php used to rely on using the correct comparison operator. Using the'==' operator would introduce subtle flaws. Using '===', you're fine.
Yeah; PHP and Javascript are in the same general category of completely insane languages. As was (pre-.NET) Visual Basic, though for slightly different reasons.
You should never have been doing that in the first place, checking password hashes should use a constant time equality check to prevent timing attacks.
Just so happens there is now one in PHP - hash_equals, but even before that you could do a constant time equality check trivially by hand.
Documented insanity is still insanity. A very clear example that was luckily removed quite quickly: php_check_syntax.[1]
> Check the PHP syntax of (and execute) the specified file
This function's name and its documentation suggest completely different use-cases. In fact, it apparently does the one thing I wouldn't expect it to do based on the name. It's insane, and it cannot be excused just because the insanity is documented.
The example given by GP is a lot more subtle, but this is not a good argument to make.
I accept that, but I still don't really understand the issue, which programming language can I pick where I don't need to read about what does what, I don't feel any language is intuitive per se?
Seriously, I've worked with coders where English is a second language, they literally had no idea that the combination of letters making up words we recognise were anything but symbolic of the function.