From 6183961089980322dfd9fd8011ade0f41703eaea Mon Sep 17 00:00:00 2001
From: TheWitness <thewitness@cacti.net>
Date: Tue, 7 May 2024 12:57:11 -0400
Subject: [PATCH] Fixing #5738 and #GHSA-37x7-mfjv-mm7m

* Fixing #5733 - French Translation

Cacti does not work using the French Language

* Update CHANGELOG

* Fixing #5738 - Boost Issues with fresh install

* QA: Address type juggling vulnerability in Cacti

* QA: Update ChangeLog

* Update CHANGELOG

* Update CHANGELOG

---------

Co-authored-by: Mark Brugnoli-Vinten <netniv@hotmail.com>
---
 CHANGELOG        | 1 +
 lib/auth.php     | 2 +-
 poller_boost.php | 4 ++++
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index 413a93211d..6d7c8d54bf 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -35,6 +35,7 @@ Cacti CHANGELOG
 -issue#5731: Saving a Tree can cause the tree to become unpublished
 -issue#5732: Web Basic Authentication does not record user logins
 -issue#5733: When using Accent-based languages, translations may not work properly
+-issue#5748: Improve PHP 8.1 Support during fresh install with boost
 -feature#5692: Add a device "enabled/disabled" indicator next to the graphs
 -feature#5710: Notify the admin periodically when a remote data collector goes into heartbeat status
 -feature#5716: Add template for Aruba Clearpass
diff --git a/lib/auth.php b/lib/auth.php
index fb24d40771..4ff7188971 100644
--- a/lib/auth.php
+++ b/lib/auth.php
@@ -4395,7 +4395,7 @@ function compat_password_verify($password, $hash) {
 
 	$md5 = md5($password);
 
-	return ($md5 == $hash);
+	return ($md5 === $hash);
 }
 
 /**
diff --git a/poller_boost.php b/poller_boost.php
index b0a4cc6a94..4ccbb1d018 100755
--- a/poller_boost.php
+++ b/poller_boost.php
@@ -122,6 +122,8 @@
 	$boost_last_run_time = read_config_option('boost_last_run_time');
 	if (!empty($boost_last_run_time) && !is_numeric($boost_last_run_time)) {
 		$last_run_time = strtotime($boost_last_run_time);
+	} elseif (empty($boost_last_run_time)) {
+		$last_run_time = time() - 3600;
 	} else {
 		$last_run_time = $boost_last_run_time;
 	}
@@ -129,6 +131,8 @@
 	$boost_next_run_time = read_config_option('boost_next_run_time');
 	if (!empty($boost_next_run_time) && !is_numeric($boost_next_run_time)) {
 		$next_run_time = strtotime($boost_next_run_time);
+	} elseif (empty($boost_next_run_time)) {
+		$next_run_time = time() + 3600;
 	} else {
 		$next_run_time = $boost_next_run_time;
 	}