Funcational bugs in password rechecking during registration related processes

[peng-hui]

WeBid 1.2.2 has the problem of password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check. $password1 = "0e1111" and $password2 = "0e2222" are loosely compared and return bool(true). A lot of other PHP scripts in WeBid also have this problem.

• /register.php:191
• /edit_data.php:55
• /admin/login.php:29
• /admin/editadminuser.php:31
• /admin/newadminuser.php:26