From: Jérôme
Date: Tue, 22 Mar 2016 09:10:42 +0000 (+0000)
Subject: Merge branch 'master' into 'master'
X-Git-Tag: 1.2.0~36^2
X-Git-Url: https://git.p6c8.net/jirafeau_project.git/commitdiff_plain/6564589a47862c108fa27f7be51ddf9f52011e80?hp=272ab3a46c93c963d80d4c7a31f7390b7317136a

Merge branch 'master' into 'master'

admin.php: fix authentication bypass vulnerability

An attacker can bypass the authentication form by passing an array instead of a string (https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#Input_handling). The identity operator should fix the vulnerability.

See merge request !13

---
diff --git a/admin.php b/admin.php index 25b16ed..a0ae04b 100644 --- a/admin.php +++ b/admin.php @@ -53,7 +53,7 @@ if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) /* Check classic admin password authentification. */ if (isset ($_POST['admin_password']) && empty($cfg['admin_http_auth_user'])) { - if (strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0) + if ($cfg['admin_password'] === $_POST['admin_password']) $_SESSION['admin_auth'] = true; else {
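Review bot: the `===` at the changed line closes the array bypass (a string is never identical to an array, and `strcmp()` on an array returned NULL, which `== 0` accepted), but a plain `===` on a secret is still a byte-by-byte comparison that short-circuits on the first mismatch, so the remaining timing side channel should be closed as well; if the project targets PHP 5.6 or later, prefer `hash_equals()` with an explicit type guard, e.g. `if (is_string ($_POST['admin_password']) && hash_equals ($cfg['admin_password'], $_POST['admin_password']))`, which rejects non-string input and compares in constant time. Two smaller points on the same hunk: the comment `/* Check classic admin password authentification. */` should read "authentication", and the function-context line in the hunk header, `if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0))`, still uses the `strcmp(...) == 0` pattern on user input that this commit is removing; an array there only forces a logout, so the impact is low, but it is worth switching to the same identity/type-checked comparison for consistency rather than leaving one instance of the vulnerable idiom in the file.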