Strict check

glpi-project · Mar 5, 2019 · 7afbcc7 · 7afbcc7
1 parent 83259d8
commit 7afbcc7
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/inc/auth.class.php b/inc/auth.class.php
@@ -276,14 +276,14 @@ static function checkPassword($pass, $hash) {
          $ok = password_verify($pass, $hash);
 
       } else if (strlen($hash)==32) {
-         $ok = md5($pass) == $hash;
+         $ok = md5($pass) === $hash;
 
       } else if (strlen($hash)==40) {
-         $ok = sha1($pass) == $hash;
+         $ok = sha1($pass) === $hash;
 
       } else {
          $salt = substr($hash, 0, 8);
-         $ok = ($salt.sha1($salt.$pass) == $hash);
+         $ok = ($salt.sha1($salt.$pass) === $hash);
       }
 
       return $ok;