Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/user_password.php
diff options
context:
space:
mode:
authorMichal Čihař <michal@cihar.com>2016-08-17 14:18:45 +0300
committerMichal Čihař <michal@cihar.com>2016-08-17 14:18:45 +0300
commit76a471a790bf31873f469866374dfbab63e5f40c (patch)
tree5dfa2f35a355957f40bf7e34a04179ea55b4c4b8 /user_password.php
parent311be7515c8c280041565594ca853f31a4177082 (diff)
Avoid problems with PHP comparison
- allow password where empty returns true - compare using === Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'user_password.php')
-rw-r--r--user_password.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/user_password.php b/user_password.php
index 79060293ce..5c0f6299bd 100644
--- a/user_password.php
+++ b/user_password.php
@@ -112,10 +112,10 @@ function PMA_setChangePasswordMsg()
$message = PMA\libraries\Message::success(__('The profile has been updated.'));
if (($_REQUEST['nopass'] != '1')) {
- if (empty($_REQUEST['pma_pw']) || empty($_REQUEST['pma_pw2'])) {
+ if (strlen($_REQUEST['pma_pw']) === 0 || strlen($_REQUEST['pma_pw2']) === 0) {
$message = PMA\libraries\Message::error(__('The password is empty!'));
$error = true;
- } elseif ($_REQUEST['pma_pw'] != $_REQUEST['pma_pw2']) {
+ } elseif ($_REQUEST['pma_pw'] !== $_REQUEST['pma_pw2']) {
$message = PMA\libraries\Message::error(
__('The passwords aren\'t the same!')
);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 03:50:37 +0300