dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 16b731d) | patch
Add hash_equals() fallback and use it
authorKevin Israel <pleasestand@live.com>
Sun, 13 Apr 2014 17:11:18 +0000 (13:11 -0400)
committerKevin Israel <pleasestand@live.com>
Thu, 29 May 2014 00:52:08 +0000 (20:52 -0400)
commitb9e1d5f5c066a26f115eac69e268a98e6591d121
tree75b154f878975e455be8d9f5c9814fdf75ab2ee8tree | snapshot
parent16b731dc575290c52ec4962f320f677866d59f55commit | diff
Add hash_equals() fallback and use it

Two classes (User and SpecialRunJobs) currently contain string
equality checks that purport to be timing-attack resistant.

Reduce code duplication by adding and using a fallback for the
hash_equals() function from PHP 5.6 (currently in beta), in a way
addressing the comment "@todo: make a common method for this".

Change-Id: Iece006ec0216edb3fc5fbef7cc6ec00a6d182775
includes/GlobalFunctions.php diff | blob | history
includes/User.php diff | blob | history
includes/specials/SpecialRunJobs.php diff | blob | history
Wiklou, le Wiki du Wiklou