From 3940e804e3ee4ac921e109f62a73fac2becaa611 Mon Sep 17 00:00:00 2001 From: dew-git <55564947+dew-git@users.noreply.github.com> Date: Thu, 10 Oct 2019 20:48:13 -0800 Subject: [PATCH] Remove uneeded variable. --- src/Module/Login.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/Module/Login.php b/src/Module/Login.php index a8c9f9fb92..8affd77557 100644 --- a/src/Module/Login.php +++ b/src/Module/Login.php @@ -190,13 +190,10 @@ class Login extends BaseModule ] ); if (DBA::isResult($user)) { - // Time safe comparision of the two hashes. - $validSession = hash_equals( + if (!hash_equals( Authentication::getCookieHashForUser($user), $data->hash - ); - - if (!$validSession) { + )) { Logger::log("Hash for user " . $data->uid . " doesn't fit."); Authentication::deleteSession(); $a->internalRedirect(); -- 2.39.5