diff options
author | Michal Čihař <michal@cihar.com> | 2016-08-17 14:18:45 +0300 |
---|---|---|
committer | Michal Čihař <michal@cihar.com> | 2016-08-17 14:18:45 +0300 |
commit | 76a471a790bf31873f469866374dfbab63e5f40c (patch) | |
tree | 5dfa2f35a355957f40bf7e34a04179ea55b4c4b8 /user_password.php | |
parent | 311be7515c8c280041565594ca853f31a4177082 (diff) |
Avoid problems with PHP comparison
- allow password where empty returns true
- compare using ===
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'user_password.php')
-rw-r--r-- | user_password.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/user_password.php b/user_password.php index 79060293ce..5c0f6299bd 100644 --- a/user_password.php +++ b/user_password.php @@ -112,10 +112,10 @@ function PMA_setChangePasswordMsg() $message = PMA\libraries\Message::success(__('The profile has been updated.')); if (($_REQUEST['nopass'] != '1')) { - if (empty($_REQUEST['pma_pw']) || empty($_REQUEST['pma_pw2'])) { + if (strlen($_REQUEST['pma_pw']) === 0 || strlen($_REQUEST['pma_pw2']) === 0) { $message = PMA\libraries\Message::error(__('The password is empty!')); $error = true; - } elseif ($_REQUEST['pma_pw'] != $_REQUEST['pma_pw2']) { + } elseif ($_REQUEST['pma_pw'] !== $_REQUEST['pma_pw2']) { $message = PMA\libraries\Message::error( __('The passwords aren\'t the same!') ); |