leftypol
/
leftypol
4
5
Fork 2
Code Issues 57 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

Use === operator in authentication.

pull/40/head
Michael Save 11 years ago
parent
e5bf2a91fc
commit
774e27caf5
1 changed files with 2 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      inc/mod/auth.php

4
inc/mod/auth.php
View File

@ -49,7 +49,7 @@ function login($username, $password, $makehash=true) {
'username' => $username, 'username' => $username,
'hash' => mkhash($username, $password), 'hash' => mkhash($username, $password),
'boards' => explode(',', $user['boards']) 'boards' => explode(',', $user['boards'])
); );
} else return false; } else return false;
} }
@ -108,7 +108,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
$user = $query->fetch(); $user = $query->fetch();
// validate password hash // validate password hash
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) { if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
// Malformed cookies // Malformed cookies
destroyCookies(); destroyCookies();
error($config['error']['malformed']); error($config['error']['malformed']);

Write Preview
Loading…
Cancel
Save