Minor cleanup in core Controllers

author: Roeland Jago Douma <roeland@famdouma.nl> 2016-08-29 21:17:16 +0200
committer: Roeland Jago Douma <roeland@famdouma.nl> 2016-08-29 21:52:09 +0200
commit: f6423f74e3ca925fd43c67f2669384994ccc55fe (patch)
tree: 1ea6c8b142e584cc2b11fd56e206f86c059ad138 /core/Controller/LostController.php
parent: c0ed865ab2e5166e71fd6046fc2c426dd5b7c6d4 (diff)
download: nextcloud-server-f6423f74e3ca925fd43c67f2669384994ccc55fe.tar.gz
nextcloud-server-f6423f74e3ca925fd43c67f2669384994ccc55fe.zip
1 files changed, 2 insertions, 3 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index fe6be1e6852..b1111559a6c 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -40,7 +40,6 @@ use \OCP\IConfig;
 use OCP\IUserManager;
 use OCP\Mail\IMailer;
 use OCP\Security\ISecureRandom;
-use OCP\Security\StringUtils;
 
 /**
  * Class LostController
@@ -144,7 +143,7 @@ class LostController extends Controller {
 	}
 
 	/**
-	 * @param string $userId
+	 * @param string $token
 	 * @param string $userId
 	 * @throws \Exception
 	 */
@@ -161,7 +160,7 @@ class LostController extends Controller {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
 		}
 
-		if (!StringUtils::equals($splittedToken[1], $token)) {
+		if (!hash_equals($splittedToken[1], $token)) {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
 		}
 	}
author	Roeland Jago Douma <roeland@famdouma.nl>	2016-08-29 21:17:16 +0200
committer	Roeland Jago Douma <roeland@famdouma.nl>	2016-08-29 21:52:09 +0200
commit	f6423f74e3ca925fd43c67f2669384994ccc55fe (patch)
tree	1ea6c8b142e584cc2b11fd56e206f86c059ad138 /core/Controller/LostController.php
parent	c0ed865ab2e5166e71fd6046fc2c426dd5b7c6d4 (diff)
download	nextcloud-server-f6423f74e3ca925fd43c67f2669384994ccc55fe.tar.gz nextcloud-server-f6423f74e3ca925fd43c67f2669384994ccc55fe.zip