WordPress at a glance
function is not described

hash_equals() WP 3.9.2

Timing attack safe string comparison

Compares two strings using the same time whether they're equal or not.

This function was added in PHP 5.6.

Note: It can leak the length of a string when arguments of differing length are supplied.

No Hooks.

Return

true/false. Whether strings are equal.

Usage

hash_equals( $a, $b );
$a(string) (required)
Expected string.
$b(string) (required)
Actual, user supplied, string.

Code of hash equals: wp-includes/compat.php VER 5.0.3

<?php
function hash_equals( $a, $b ) {
	$a_length = strlen( $a );
	if ( $a_length !== strlen( $b ) ) {
		return false;
	}
	$result = 0;

	// Do not attempt to "optimize" this.
	for ( $i = 0; $i < $a_length; $i++ ) {
		$result |= ord( $a[ $i ] ) ^ ord( $b[ $i ] );
	}

	return $result === 0;
}