Skip to content

Commit

Permalink
fix(authentication): security fix on password comparision
Browse files Browse the repository at this point in the history
  • Loading branch information
@charleneauger
charleneauger committed Jun 13, 2024
1 parent 44c9e9e commit af2da8d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion backend/AUTH/methode/local.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@
}
}

if ($login_status == true || (isset($rowOp->PASSWD) && hash(PASSWORD_CRYPT, $mdp) == $rowOp->PASSWD)) {
if ($login_status == true || (isset($rowOp->PASSWD) && hash(PASSWORD_CRYPT, $mdp) === $rowOp->PASSWD)) {
$login_successful = "OK";
$user_group = $rowOp->USER_GROUP;
$type_log = 'CONNEXION';
Expand Down

0 comments on commit af2da8d

Please sign in to comment.