nas
/
todo_api
Watch 2
Star 1
Fork 0
Code Issues 1 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

fix order of hash_equals

Maurits van der Schee 5 years ago
parent
d32e101152
commit
8b3b0a4327
1 changed files with 1 additions and 5 deletions
Split View Show Diff Stats
  1. 1
    5
      api.php

+ 1
- 5
api.php View File 

@@ -7528,11 +7528,7 @@ namespace Tqdev\PhpCrudApi\Middleware {
7528 7528 
             switch ($algorithm[0]) {
7529 7529 
                 case 'H':
7530 7530 
                     $hash = hash_hmac($hmac, $data, $secret, true);
7531 
-                    if (function_exists('hash_equals')) {
7532 
-                        $equals = hash_equals($signature, $hash);
7533 
-                    } else {
7534 
-                        $equals = $signature == $hash;
7535 
-                    }
7531 
+                    $equals = hash_equals($hash, $signature);
7536 7532 
                     if (!$equals) {
7537 7533 
                         return array();
7538 7534 
                     }

Write Preview
Loading…
Cancel
Save