daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 14:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use timeing-safe password comparison

Browse Source 
AI-assistant: Copilot v1.0.7 (Claude Opus 4.6)

Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>
This commit is contained in:
Pablo Zmdl
2026-03-31 23:56:03 +02:00
parent bb4790ed3a
commit 2a7c686247
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
php/src/Data/ConfigurationManager.php
View File

@@ -657,7 +657,7 @@ class ConfigurationManager
throw new InvalidSettingConfigurationException("Please enter your current password.");
}
if ($currentPassword !== $this->password) {
if (!hash_equals($this->password, $currentPassword)) {
throw new InvalidSettingConfigurationException("The entered current password is not correct.");
}