Nice "equal" function taking constant time to compute. This avoids time attacks, based on the assumption that different things and equal things take different time to compare.

     function slow_equals($a, $b)
     {
         $diff = strlen($a) ^ strlen($b);
         for($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
         {
             $diff |= ord($a[$i]) ^ ord($b[$i]);
         }
         return $diff === 0;
     }