diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2025-12-15 22:06:05 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2025-12-15 22:06:05 +0100 |
| commit | 476e57b04646416e24e24c56133c9fadf9e52b95 (patch) | |
| tree | e88d13f641712e8a8fba88e28dcde741717c43a0 /app/Models/FormAuth.php | |
| parent | 00f2f043ac2fc834b3ef82d41b4c710113e988e2 (diff) | |
Reverse hash and nonce (#8320)
Safer password evaluation
Diffstat (limited to 'app/Models/FormAuth.php')
| -rw-r--r-- | app/Models/FormAuth.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Models/FormAuth.php b/app/Models/FormAuth.php index 8943fa7f5..a6431aa8e 100644 --- a/app/Models/FormAuth.php +++ b/app/Models/FormAuth.php @@ -11,7 +11,7 @@ class FreshRSS_FormAuth { return false; } - return password_verify($nonce . $hash, $challenge); + return password_verify($hash . $nonce, $challenge); } /** @return list<string> */ |