hash_equals()

最后更新于：2021-11-27 04:34:27

hash_equals( string$a, string$b)

Timing attack safe string comparison

参数

$a: (string) (Required) Expected string.
$b: (string) (Required) Actual, user supplied, string.

响应

(bool) Whether strings are equal.

源文件

文件: gc-includes/compat.php

	function hash_equals( $a, $b ) {
		$a_length = strlen( $a );
		if ( strlen( $b ) !== $a_length ) {
			return false;
		}
		$result = 0;

		// Do not attempt to "optimize" this.
		for ( $i = 0; $i < $a_length; $i++ ) {
			$result |= ord( $a[ $i ] ) ^ ord( $b[ $i ] );
		}

		return 0 === $result;
	}