From 0d4bf2de800d264d77f5c07b0322c65262b55ec3 Mon Sep 17 00:00:00 2001
From: Lee Howarth <mostvotedplayer@gmail.com>
Date: Thu, 11 Aug 2016 15:35:13 +0100
Subject: [PATCH] Update secure_img_handler.php

$checkstr could be an array so it is better to do strict validation of data type & value.
---
 e107_handlers/secure_img_handler.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/e107_handlers/secure_img_handler.php b/e107_handlers/secure_img_handler.php
index 4572bb0a0..5b610a067 100644
--- a/e107_handlers/secure_img_handler.php
+++ b/e107_handlers/secure_img_handler.php
@@ -81,7 +81,7 @@ class secure_image
 	//	$sql = e107::getDb();
 	//	$tp = e107::getParser();
 
-		if(!empty($_SESSION['secure_img'][$recnum]) && 0 == strcmp($_SESSION['secure_img'][$recnum], $checkstr))
+		if(!empty($_SESSION['secure_img'][$recnum]) && $_SESSION['secure_img'][$recnum] === $checkstr )
 		{
 			unset($_SESSION['secure_img']);
 			return true;