hash is also sensitive now

when has might be plaintext, it's sensitive
2026-03-14 12:45:51 +01:00 · 2025-03-19 21:41:01 +01:00 · 2025-03-19 21:41:01 +01:00 · 399b607987
commit 399b607987
parent c649a43d82
1 changed files with 1 additions and 0 deletions
--- a/tinyfilemanager.php
+++ b/tinyfilemanager.php
@ -328,6 +328,7 @@ if ($use_auth) {
    function tfm_password_verify(
        #[\SensitiveParameter]
        string $password,
+        #[\SensitiveParameter]
        string $hash
    ): bool {
        // CRYPT_MD5: $1$