mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 04:10:38 +02:00
Code Issues Releases Wiki Activity

Update secure_img_handler.php

Browse Source 
$checkstr could be an array so it is better to do strict validation of data type & value.
This commit is contained in:
Lee Howarth
2016-08-11 15:35:13 +01:00
committed by GitHub
parent 1dbd7423c0
commit 0d4bf2de80
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
e107_handlers/secure_img_handler.php
View File

@@ -81,7 +81,7 @@ class secure_image
// $sql = e107::getDb(); // $sql = e107::getDb();
// $tp = e107::getParser(); // $tp = e107::getParser();
if(!empty($_SESSION['secure_img'][$recnum]) && 0 == strcmp($_SESSION['secure_img'][$recnum], $checkstr)) if(!empty($_SESSION['secure_img'][$recnum]) && $_SESSION['secure_img'][$recnum] === $checkstr )
{ {
unset($_SESSION['secure_img']); unset($_SESSION['secure_img']);
return true; return true;