admin.php: fix authentication bypass vulnerability (!13) · Merge requests · Mojo / Jirafeau · GitLab

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

username-removed-459979 requested to merge scumjr/Jirafeau:master into master Mar 21, 2016

An attacker ban bypass the authentication form by passing an array instead of a string (https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#Input_handling). The identity operator should fix the vulnerability.