hash_equals

Supported Versions: PHP 5 >= 5.6.0, PHP 7, PHP 8
Timing attack safe string comparison
<?php hash_equals(string $known_string, string $user_string): bool
<?php             $this->connection->table($this->table)->find($identifier)

        );



        return $user && $user->getRememberToken() && hash_equals($user->getRememberToken(), $token)

                    ? $user : null;

    }
<?php         $rememberToken = $retrievedModel->getRememberToken();



        return $rememberToken && hash_equals($rememberToken, $token) ? $retrievedModel : null;

    }
<?php     protected function validMacForKey($payload, $key)

    {

        return hash_equals(

            $this->hash($payload['iv'], $payload['value'], $key), $payload['mac']

        );

    }
<?php     {

        $hash = @md5_file($firstFile);



        return $hash && hash_equals($hash, (string) @md5_file($secondFile));

    }
<?php     public function authorize()

    {

        if (! hash_equals((string) $this->user()->getKey(), (string) $this->route('id'))) {

            return false;

        }
<?php             return false;

        }



        if (! hash_equals(sha1($this->user()->getEmailForVerification()), (string) $this->route('hash'))) {

            return false;

        }
<?php         return is_array($payload) &&

            is_numeric($payload['expires_at'] ?? null) &&

            isset($payload['mac']) &&

            hash_equals(hash_hmac('sha256', $payload['expires_at'], $key), $payload['mac']) &&

            (int) $payload['expires_at'] >= Carbon::now()->getTimestamp();

    }

}
<?php         return is_string($request->session()->token()) &&

               is_string($token) &&

               hash_equals($request->session()->token(), $token);

    }
<?php         $signature = hash_hmac('sha256', $original, call_user_func($this->keyResolver));



        return hash_equals($signature, (string) $request->query('signature', ''));

    }
<?php         if ($this->guard()->viaRemember()) {

            $passwordHash = explode('|', $request->cookies->get($this->guard()->getRecallerName()))[2] ?? null;



            if (! $passwordHash || ! hash_equals($request->user()->getAuthPassword(), $passwordHash)) {

                $this->logout($request);

            }

        }
<?php             $this->storePasswordHashInSession($request);

        }



        if (! hash_equals($request->session()->get('password_hash_'.$this->auth->getDefaultDriver()), $request->user()->getAuthPassword())) {

            $this->logout($request);

        }