Use === operator in authentication.

11 years ago · 774e27caf5
1 changed files with 2 additions and 2 deletions
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@ -108,7 +108,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
 	$user = $query->fetch();
 	
 	// validate password hash
-	if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
+	if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
 		// Malformed cookies
 		destroyCookies();
 		error($config['error']['malformed']);