Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Return false if cookie_hash is not set.

This commit is contained in:
Mike Jolley 2016-01-18 10:34:06 +00:00
parent 424bc62e74
commit 6c8709f4b5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
includes/class-wc-session-handler.php
View File

@ -140,7 +140,7 @@ class WC_Session_Handler extends WC_Session {
$to_hash = $customer_id . '|' . $session_expiration;
$hash = hash_hmac( 'md5', $to_hash, wp_hash( $to_hash ) );
if ( ! hash_equals( $hash, $cookie_hash ) ) {
if ( empty( $cookie_hash ) || ! hash_equals( $hash, $cookie_hash ) ) {
return false;
}