Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add strict check to phpass's CheckPassword() method to avoid issues when the method is improperly called. 

git-svn-id: http://core.svn.wordpress.org/trunk@24457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Nacin 2013-06-21 01:21:12 +00:00
parent bf35040898
commit 03e2f6fb30
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/class-phpass.php
View File

@ -253,7 +253,7 @@ class PasswordHash {
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
return $hash == $stored_hash;
return $hash === $stored_hash;
}
}