diff options
| author | plegall <plg@piwigo.org> | 2016-04-26 11:07:44 +0200 |
|---|---|---|
| committer | plegall <plg@piwigo.org> | 2016-04-26 11:07:44 +0200 |
| commit | f51ee90c66527fd7ff634f3e8d414cb670da068d (patch) | |
| tree | 2550f0753f14ed594dbf99cb65675fa02b49fe21 /include/functions_session.inc.php | |
| parent | a3c46de7511cb5b66f59375d225b1f0fb66ae988 (diff) | |
bug #470, use a dedicated lib to generate random bytes
Diffstat (limited to 'include/functions_session.inc.php')
| -rw-r--r-- | include/functions_session.inc.php | 37 |
1 files changed, 11 insertions, 26 deletions
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index fe43bc570..0829bcfda 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -62,32 +62,17 @@ if (isset($conf['session_save_handler']) */ function generate_key($size) { - if ( - is_callable('openssl_random_pseudo_bytes') - and !(version_compare(PHP_VERSION, '5.3.4') < 0 and defined('PHP_WINDOWS_VERSION_MAJOR')) - ) - { - return substr( - str_replace( - array('+', '/'), - '', - base64_encode(openssl_random_pseudo_bytes($size+10)) - ), - 0, - $size - ); - } - else - { - $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; - $l = strlen($alphabet)-1; - $key = ''; - for ($i=0; $i<$size; $i++) - { - $key.= $alphabet[mt_rand(0, $l)]; - } - return $key; - } + include_once(PHPWG_ROOT_PATH.'include/random_compat/random.php'); + + return substr( + str_replace( + array('+', '/'), + '', + base64_encode(random_bytes($size+10)) + ), + 0, + $size + ); } /** |