Update random_string with random_bytes

- Updated update.php
This commit is contained in:
Hypolite Petovan 2017-11-25 21:15:50 -05:00
parent 8b38f7f012
commit d38c040d50
2 changed files with 22 additions and 12 deletions

View File

@ -41,18 +41,28 @@ function replace_macros($s, $r) {
return $output; return $output;
} }
// PHP < 7 polyfill
if (!is_callable('intdiv')) {
function intdiv($a, $b) {
return ($a - $a % $b) / $b;
}
}
// random string, there are 86 characters max in text mode, 128 for hex /**
// output is urlsafe * @brief Generates a pseudo-random string of hexadecimal characters
*
* Only supports pair numbers of output characters.
*
* @param int $size
* @return string
*/
function random_string($size = 64)
{
$bytes = random_bytes(intdiv((int) $size, 2));
define('RANDOM_STRING_HEX', 0x00); $return = bin2hex($bytes);
define('RANDOM_STRING_TEXT', 0x01);
function random_string($size = 64, $type = RANDOM_STRING_HEX) { return $return;
// generate a bit of entropy and run it through the whirlpool
$s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(), (($type == RANDOM_STRING_TEXT) ? true : false));
$s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n", "", base64url_encode($s,true)) : $s);
return substr($s,0,$size);
} }
/** /**

View File

@ -616,7 +616,7 @@ function update_1075() {
foreach ($r as $rr) { foreach ($r as $rr) {
$found = true; $found = true;
do { do {
$guid = substr(random_string(),0,16); $guid = random_string(16);
$x = q("SELECT `uid` FROM `user` WHERE `guid` = '%s' LIMIT 1", $x = q("SELECT `uid` FROM `user` WHERE `guid` = '%s' LIMIT 1",
dbesc($guid) dbesc($guid)
); );