nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2025-11-08 05:04:04 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'EdOverflow/hash_equals'

Browse source
This commit is contained in:
brantje 2017-01-06 19:38:47 +01:00
commit f0e00c5704
No known key found for this signature in database
GPG key ID: 5FF1D117F918687F
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
controller/credentialcontroller.php
View file

@ -142,7 +142,7 @@ class CredentialController extends ApiController {
);
if ($storedCredential->getUserId() !== $this->userId) {
if (!hash_equals($storedCredential->getUserId(), $this->userId)) {
$acl = $this->sharingService->getCredentialAclForUser($this->userId, $storedCredential->getGuid());
if ($acl->hasPermission(SharingACL::WRITE)) {
$credential['shared_key'] = $storedCredential->getSharedKey();
@ -219,7 +219,7 @@ class CredentialController extends ApiController {
'', array(),
$link, $target_user, Activity::TYPE_ITEM_ACTION);
}
if ($this->userId !== $storedCredential->getUserId()) {
if (!hash_equals($this->userId, $storedCredential->getUserId())) {
$this->activityService->add(
$activity, $params,
'', array(),