|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Copyright 2016 Facebook, Inc. |
|
4
|
|
|
* |
|
5
|
|
|
* You are hereby granted a non-exclusive, worldwide, royalty-free license to |
|
6
|
|
|
* use, copy, modify, and distribute this software in source code or binary |
|
7
|
|
|
* form for use in connection with the web services and APIs provided by |
|
8
|
|
|
* Facebook. |
|
9
|
|
|
* |
|
10
|
|
|
* As with any software that integrates with the Facebook platform, your use |
|
11
|
|
|
* of this software is subject to the Facebook Developer Principles and |
|
12
|
|
|
* Policies [http://developers.facebook.com/policy/]. This copyright notice |
|
13
|
|
|
* shall be included in all copies or substantial portions of the software. |
|
14
|
|
|
* |
|
15
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
16
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
17
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL |
|
18
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
19
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
|
20
|
|
|
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
|
21
|
|
|
* DEALINGS IN THE SOFTWARE. |
|
22
|
|
|
* |
|
23
|
|
|
*/ |
|
24
|
|
|
|
|
25
|
|
|
/** |
|
26
|
|
|
* @see https://github.com/sarciszewski/php-future/blob/master/src/Security.php#L37-L51 |
|
27
|
|
|
*/ |
|
28
|
|
|
if (!function_exists('hash_equals')) { |
|
29
|
|
|
function hash_equals($knownString, $userString) |
|
30
|
|
|
{ |
|
31
|
|
|
if (function_exists('mb_strlen')) { |
|
32
|
|
|
$kLen = mb_strlen($knownString, '8bit'); |
|
33
|
|
|
$uLen = mb_strlen($userString, '8bit'); |
|
34
|
|
|
} else { |
|
35
|
|
|
$kLen = strlen($knownString); |
|
36
|
|
|
$uLen = strlen($userString); |
|
37
|
|
|
} |
|
38
|
|
|
if ($kLen !== $uLen) { |
|
39
|
|
|
return false; |
|
40
|
|
|
} |
|
41
|
|
|
$result = 0; |
|
42
|
|
|
for ($i = 0; $i < $kLen; $i++) { |
|
43
|
|
|
$result |= (ord($knownString[$i]) ^ ord($userString[$i])); |
|
44
|
|
|
} |
|
45
|
|
|
|
|
46
|
|
|
// They are only identical strings if $result is exactly 0... |
|
47
|
|
|
return 0 === $result; |
|
48
|
|
|
} |
|
49
|
|
|
} |
|
50
|
|
|
|
facebook /
facebook-php-sdk-v4
