We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When running count($hibp) it returns a total of all returned hash counts, not the matched count.
count($hibp)
<?php require_once __DIR__ . '/vendor/autoload.php'; $hibp = \Dragonbe\Hibp\HibpFactory::create(); $found = $hibp->isPwnedPassword('password'); $count = count($hibp); echo 'Password "password": ' . ( $found ? 'Pwned (found ' . $count . ' times)' : 'Not used in a breach yet' ) . PHP_EOL;
Gives:
Password "password": Pwned (found 3311463 times)
Going to HIBP it returns for password "password":
This password has been seen 3,303,003 times before
There's an issue on lines 96 - 98 in src/Hibp.php:
src/Hibp.php
list($hash, $count) = explode(':', $value); $totalCount += $count; return (0 === strcmp($hash, substr($password, 5)));
It should be changed into:
list($hash, $count) = explode(':', $value); if (0 === strcmp($hash, substr($password, 5))) { $totalCount = $count; return true; } return false;
The text was updated successfully, but these errors were encountered:
Fixing tests to match correct count for password hit
caeb6dd
We need to return the amount of times a specific password was found in a breach, not a total of hits of all returned hashes. See issue #1 for details.
Modifying code to match the expectation
1138c09
Solving issue #1 on a wrong count of found passwords in HIBP
Merge branch 'dragonbe-fix/1-invalid-match-count'
e871df6
Fix for issue #1: making sure the count of hits on password are for the password itself and not for all hashes returned by HIBP.
Solved in commit e871df6 and released as v0.0.3
Sorry, something went wrong.
DragonBe
No branches or pull requests
When running
count($hibp)
it returns a total of all returned hash counts, not the matched count.Code to reproduce the issue
Gives:
Expected results
Going to HIBP it returns for password "password":
Actual results
There's an issue on lines 96 - 98 in
src/Hibp.php
:It should be changed into:
The text was updated successfully, but these errors were encountered: