成为VIPhash_equals
函数
hash_equals ( $known_string, $user_string ) - 参数
-
-
(string)
$known_string
Expected string.- Required: 是
-
(string)
$user_string
Actual, user supplied, string.- Required: 是
-
(string)
- 返回值
-
- (bool) Whether strings are equal.
- 定义位置
-
-
wp-includes/compat.php
, line 318
-
wp-includes/compat.php
- 引入
- 3.9.2
- 弃用
- –
Timing attack safe string comparison.
Compares two strings using the same time whether they’re equal or not.
Note: It can leak the length of a string when arguments of differing length are supplied.
This function was added in PHP 5.6.
However, the Hash extension may be explicitly disabled on select servers.
As of PHP 7.4.0, the Hash extension is a core PHP extension and can no
longer be disabled.
I.e. when PHP 7.4.0 becomes the minimum requirement, this polyfill
can be safely removed.
function hash_equals( $known_string, $user_string ) {
$known_string_length = strlen( $known_string );
if ( strlen( $user_string ) !== $known_string_length ) {
return false;
}
$result = 0;
// Do not attempt to "optimize" this.
for ( $i = 0; $i
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
