Use strict type comparison
We certainly don't want to have type juggling on that.
This commit is contained in:
parent
254fa5eb22
commit
c4109d9aef
|
@ -183,14 +183,14 @@ class OC_User_Database extends OC_User_Backend {
|
||||||
$row = $result->fetchRow();
|
$row = $result->fetchRow();
|
||||||
if ($row) {
|
if ($row) {
|
||||||
$storedHash = $row['password'];
|
$storedHash = $row['password'];
|
||||||
if ($storedHash[0] == '$') { //the new phpass based hashing
|
if ($storedHash[0] === '$') { //the new phpass based hashing
|
||||||
$hasher = $this->getHasher();
|
$hasher = $this->getHasher();
|
||||||
if ($hasher->CheckPassword($password . OC_Config::getValue('passwordsalt', ''), $storedHash)) {
|
if ($hasher->CheckPassword($password . OC_Config::getValue('passwordsalt', ''), $storedHash)) {
|
||||||
return $row['uid'];
|
return $row['uid'];
|
||||||
}
|
}
|
||||||
|
|
||||||
//old sha1 based hashing
|
//old sha1 based hashing
|
||||||
} elseif (sha1($password) == $storedHash) {
|
} elseif (sha1($password) === $storedHash) {
|
||||||
//upgrade to new hashing
|
//upgrade to new hashing
|
||||||
$this->setPassword($row['uid'], $password);
|
$this->setPassword($row['uid'], $password);
|
||||||
return $row['uid'];
|
return $row['uid'];
|
||||||
|
|
Loading…
Reference in New Issue