Merge branch 'dragonbe-fix/1-invalid-match-count'

Fix for issue #1: making sure the count of hits on password are for the password itself and not for all hashes returned by HIBP.

src/Hibp.php

@@ -94,8 +94,11 @@ private function passwordInResponse(string $password, string $resultStream): boo
         $totalCount = 0;
         $hashes = array_filter($data, function ($value) use ($password, &$totalCount) {
             list($hash, $count) = explode(':', $value);
-            $totalCount += $count;
-            return (0 === strcmp($hash, substr($password, 5)));
+            if (0 === strcmp($hash, substr($password, 5))) {
+                $totalCount = (int) $count;
+                return true;
+            }
+            return false;
         });
         if ([] === $hashes) {
             return false;

tests/HibpTest.php

@@ -110,9 +110,9 @@ public function testExceptionIsThrownWhenApiNotFound()
     public function pwnedCommonPasswordProvider(): array
     {
         return [
-            ['password', 'pwned1_password.txt', 3311463],
-            ['querty', 'pwned2_password.txt', 3418],
-            ['admin', 'pwned3_password.txt', 43771],
+            ['password', 'pwned1_password.txt', 3303003],
+            ['querty', 'pwned2_password.txt', 962],
+            ['admin', 'pwned3_password.txt', 41812],
         ];
     }