diff options
| author | javiexin <javiexin@gmail.com> | 2015-07-09 20:02:39 +0200 |
|---|---|---|
| committer | javiexin <javiexin@gmail.com> | 2015-07-09 20:02:39 +0200 |
| commit | 054da801144c5e6f70a3c7fcd8244c38e2a1c619 (patch) | |
| tree | dbbdb2dcb9cea44e67a5d0122946167786c557fe /phpBB/phpbb/passwords/driver | |
| parent | 558d604d83fd5ded2edc854a9944ad0d1188e2e5 (diff) | |
| parent | f576f42b4d3c607aee6b30154502adfed79301fb (diff) | |
| download | forums-054da801144c5e6f70a3c7fcd8244c38e2a1c619.tar forums-054da801144c5e6f70a3c7fcd8244c38e2a1c619.tar.gz forums-054da801144c5e6f70a3c7fcd8244c38e2a1c619.tar.bz2 forums-054da801144c5e6f70a3c7fcd8244c38e2a1c619.tar.xz forums-054da801144c5e6f70a3c7fcd8244c38e2a1c619.zip | |
Merge pull request #1 from phpbb/3.1.x
Bring version up to date 20150708
Diffstat (limited to 'phpBB/phpbb/passwords/driver')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/helper.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/phpBB/phpbb/passwords/driver/helper.php b/phpBB/phpbb/passwords/driver/helper.php index caa65080ac..f80c3e3df6 100644 --- a/phpBB/phpbb/passwords/driver/helper.php +++ b/phpBB/phpbb/passwords/driver/helper.php @@ -153,11 +153,23 @@ class helper */ public function string_compare($string_a, $string_b) { - $difference = strlen($string_a) != strlen($string_b); + // Return if input variables are not strings or if length does not match + if (!is_string($string_a) || !is_string($string_b) || strlen($string_a) != strlen($string_b)) + { + return false; + } + + // Use hash_equals() if it's available + if (function_exists('hash_equals')) + { + return hash_equals($string_a, $string_b); + } + + $difference = 0; for ($i = 0; $i < strlen($string_a) && $i < strlen($string_b); $i++) { - $difference |= $string_a[$i] != $string_b[$i]; + $difference |= ord($string_a[$i]) ^ ord($string_b[$i]); } return $difference === 0; |