X-Git-Url: https://git.p6c8.net/jirafeau/jirafeau.git/blobdiff_plain/3529495482bde49c353d7338c81b8dc8fbae197a..978683b51e7c6c49377b5a9404f4717cfd2f5392:/admin.php

diff --git a/admin.php b/admin.php
index f8270a2..75cc38d 100644
--- a/admin.php
+++ b/admin.php
@@ -73,7 +73,7 @@ elseif (true === jirafeau_challenge_admin_ip($cfg, get_ip_address($cfg))) {
         }
         /* Test web password authentication. */
         elseif (!empty($cfg['admin_password']) && isset($_POST['admin_password'])) {
-            if ($cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) {
+            if (hash_equals($cfg['admin_password'], hash('sha256', $_POST['admin_password']))) {
                 jirafeau_admin_session_start();
             } else {
                 require(JIRAFEAU_ROOT . 'lib/template/header.php');