Add strict check to phpass's CheckPassword() method to avoid issues when the method is improperly called.
git-svn-id: https://develop.svn.wordpress.org/trunk@24457 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
0aed5a2803
commit
473bef521b
|
@ -253,7 +253,7 @@ class PasswordHash {
|
||||||
if ($hash[0] == '*')
|
if ($hash[0] == '*')
|
||||||
$hash = crypt($password, $stored_hash);
|
$hash = crypt($password, $stored_hash);
|
||||||
|
|
||||||
return $hash == $stored_hash;
|
return $hash === $stored_hash;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue