From: Marcel Werk <burntime@woltlab.com>
Date: Fri, 27 Oct 2023 14:24:41 +0000 (+0200)
Subject: Apply suggestions from code review
X-Git-Tag: 6.0.3_dev_1~49^2~2
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=03e8dc1285e84ebc2fe9f0a36e168912d1dd4d91;p=GitHub%2FWoltLab%2FWCF.git

Apply suggestions from code review

Co-authored-by: Alexander Ebert <ebert@woltlab.com>
---

diff --git a/wcfsetup/install/files/lib/system/user/authentication/password/algorithm/Pbkdf2.class.php b/wcfsetup/install/files/lib/system/user/authentication/password/algorithm/Pbkdf2.class.php
index f0224a22c3..c16008c11c 100644
--- a/wcfsetup/install/files/lib/system/user/authentication/password/algorithm/Pbkdf2.class.php
+++ b/wcfsetup/install/files/lib/system/user/authentication/password/algorithm/Pbkdf2.class.php
@@ -24,11 +24,10 @@ final class Pbkdf2 implements IPasswordAlgorithm
         string $hash
     ): bool {
         $parts = \explode(':', $hash, 5);
-        $hash = $parts[0];
-        $salt = $parts[1];
-        $algo = $parts[2];
-        $iterations = $parts[3];
-        $length = $parts[4];
+        if (\count($parts) !== 5) {
+            return false;
+        }
+        [$hash, $salt, $algo, $iterations, $length] = $parts;
 
         return \hash_equals($hash, \hash_pbkdf2($algo, $password, $salt, $iterations, $length));
     }
@@ -46,7 +45,7 @@ final class Pbkdf2 implements IPasswordAlgorithm
         $length = 32;
         $hash = \hash_pbkdf2($algo, $password, $salt, $iterations, $length);
 
-        return implode(':', [$hash, $salt, $algo, $iterations, $length]);
+        return \implode(':', [$hash, $salt, $algo, $iterations, $length]);
     }
 
     /**