From 47b43dfa35e857530d68c698b066e45838941cd7 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Joshua=20R=C3=BCsweg?=
Date: Wed, 20 Mar 2019 11:22:17 +0100
Subject: [PATCH] Fix missing negation for hash_equals() methods

See c914372abbe9f62b765f4b0e0b934f6d45150201
See #2873
---
 .../files/lib/action/NotificationDisableAction.class.php | 2 +-
 wcfsetup/install/files/lib/form/NewPasswordForm.class.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/wcfsetup/install/files/lib/action/NotificationDisableAction.class.php b/wcfsetup/install/files/lib/action/NotificationDisableAction.class.php
index 50c06cb6a8..c7adcdf48d 100644
--- a/wcfsetup/install/files/lib/action/NotificationDisableAction.class.php
+++ b/wcfsetup/install/files/lib/action/NotificationDisableAction.class.php
@@ -69,7 +69,7 @@ class NotificationDisableAction extends AbstractAction {
 }
 if (isset($_REQUEST['token'])) $this->token = StringUtil::trim($_REQUEST['token']);
- if (empty($this->token) || \hash_equals($this->user->notificationMailToken, $this->token)) {
+ if (empty($this->token) || !\hash_equals($this->user->notificationMailToken, $this->token)) {
 throw new IllegalLinkException();
 }
 }
diff --git a/wcfsetup/install/files/lib/form/NewPasswordForm.class.php b/wcfsetup/install/files/lib/form/NewPasswordForm.class.php
index dfec55fe71..009093e453 100644
--- a/wcfsetup/install/files/lib/form/NewPasswordForm.class.php
+++ b/wcfsetup/install/files/lib/form/NewPasswordForm.class.php
@@ -68,7 +68,7 @@ class NewPasswordForm extends AbstractForm {
 if (!$this->user->userID) throw new IllegalLinkException();
 if (!$this->user->lostPasswordKey) throw new IllegalLinkException();
- if (\hash_equals($this->user->lostPasswordKey, $this->lostPasswordKey)) {
+ if (!\hash_equals($this->user->lostPasswordKey, $this->lostPasswordKey)) {
 throw new IllegalLinkException();
 }
 // expire lost password requests after a day
--
2.20.1
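Review bot: The stored side of the comparison, `$this->user->notificationMailToken`, reaches `hash_equals()` without the non-empty check that NewPasswordForm applies to `lostPasswordKey`; the condition only rejects an empty supplied token. If that column can be null or otherwise not a string, `hash_equals()` emits a warning and returns false on PHP 7 and throws a TypeError on PHP 8, so the request ends in an error rather than the intended IllegalLinkException. I would make the guard explicit: `if (empty($this->token) || empty($this->user->notificationMailToken) || !\hash_equals((string) $this->user->notificationMailToken, $this->token)) {`. The diffstat lists only the two class files, so neither this condition nor the one in NewPasswordForm gains a regression test that a non-matching token is refused and the matching one accepted. The enclosing method starts above the hunk.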
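Review bot: The user-supplied operand `$this->lostPasswordKey` is handed to `hash_equals()` with no visible guarantee that it is a string; it is assigned outside this hunk, so this is inferred rather than shown. If it is read from a request parameter, an array value would produce a warning on PHP 7 or a TypeError on PHP 8 instead of IllegalLinkException. A type guard keeps the failure on the intended path: `if (!\is_string($this->lostPasswordKey) || !\hash_equals($this->user->lostPasswordKey, $this->lostPasswordKey)) {`. Since the negation was lost once already, a short comment above the line such as `// fail closed: reject unless the supplied key equals the stored one (constant-time compare)` would make the intended direction obvious to the next editor.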