]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-includes/pluggable.php
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
WordPress 3.8.2-scripts
[autoinstalls/wordpress.git] / wp-includes / pluggable.php
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index aca94f363387ee4dd133a07f852b5a95de292e1d..d84cb0a2cab7a514e4faadb3a411d18caf7168a7 100644 (file)
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -543,7 +543,7 @@ function wp_validate_auth_cookie($cookie = '', $scheme = '') {
        $key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
        $hash = hash_hmac('md5', $username . '|' . $expiration, $key);
 
-       if ( $hmac != $hash ) {
+       if ( hash_hmac( 'md5', $hmac, $key ) !== hash_hmac( 'md5', $hash, $key ) ) {
                do_action('auth_cookie_bad_hash', $cookie_elements);
                return false;
        }
WordPress autoinstaller for phpBB