Use hash_equals method to compare the hashes.
This commit is contained in:
Marcin Łojewski
@@ -50,6 +50,6 @@ class Cleartext implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $password === $dbHash;
|
return hash_equals($dbHash, $password);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -44,7 +44,7 @@ class CourierMD5 implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ class CourierMD5Raw implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -44,7 +44,7 @@ class CourierSHA1 implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -44,7 +44,7 @@ class CourierSHA256 implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ class MD5 implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ class SHA1 implements HashAlgorithm
|
|||||||
*/
|
*/
|
||||||
public function checkPassword($password, $dbHash)
|
public function checkPassword($password, $dbHash)
|
||||||
{
|
{
|
||||||
return $this->getPasswordHash($password) === $dbHash;
|
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user