Improved check

michalbundyra · michalbundyra · commit b9a61e589bb5 · 2017-11-17T11:34:07.000Z
diff --git a/src/UserRepository/Htpasswd.php b/src/UserRepository/Htpasswd.php
@@ -70,7 +70,7 @@ public function authenticate(string $credential, string $password = null) : ?Use
      */
     protected function checkBcryptHash(string $hash) : void
     {
-        if ('$2y$' !== substr($hash, 0, 4)) {
+        if (0 !== strpos($hash, '$2y$')) {
             throw new Exception\RuntimeException(
                 'The htpasswd file uses not secure hash algorithm. Please use bcrypt.'
             );

Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ public function authenticate(string $credential, string $password = null) : ?Use`
`70`	`70`	`*/`
`71`	`71`	`protected function checkBcryptHash(string $hash) : void`
`72`	`72`	`{`
`73`		`- if ('$2y$' !== substr($hash, 0, 4)) {`
	`73`	`+ if (0 !== strpos($hash, '$2y$')) {`
`74`	`74`	`throw new Exception\RuntimeException(`
`75`	`75`	`'The htpasswd file uses not secure hash algorithm. Please use bcrypt.'`
`76`	`76`	`);`