ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-09-20 02:45:34 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #290 from sarciszewski/patch-1

Browse Source 
Remove side-effects in hash_equals()
This commit is contained in:
Alex Bilbie 2015-01-01 12:52:03 +00:00
commit 19b64c2e65
1 changed files with 12 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/TokenType/MAC.php
View File

@ -128,22 +128,18 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
*/
private function hash_equals($knownString, $userString)
{
if (!function_exists('hash_equals')) {
function hash_equals($knownString, $userString)
{
if (strlen($knownString) !== strlen($userString)) {
return false;
}
$len = strlen($knownString);
$result = 0;
for ($i = 0; $i < $len; $i++) {
$result |= (ord($knownString[$i]) ^ ord($userString[$i]));
}
// They are only identical strings if $result is exactly 0...
return 0 === $result;
}
if (function_exists('\hash_equals')) {
return \hash_equals($knownString, $userString);
}
return hash_equals($knownString, $userString);
if (strlen($knownString) !== strlen($userString)) {
return false;
}
$len = strlen($knownString);
$result = 0;
for ($i = 0; $i < $len; $i++) {
$result |= (ord($knownString[$i]) ^ ord($userString[$i]));
}
// They are only identical strings if $result is exactly 0...
return 0 === $result;
}
}