Porting the random number generator code over

Fingers crossed that this doesn't break anything.... ;-) git-svn-id: file:///svn/phpbb/trunk@5813 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-02-15 13:34:41 +01:00 · 2006-04-21 20:42:10 +00:00 · 2006-04-21 20:42:10 +00:00 · 6f4c1b1a22
commit 6f4c1b1a22
parent 10e8b6130d
5 changed files with 23 additions and 19 deletions
--- a/phpBB/common.php
+++ b/phpBB/common.php
@ -131,6 +131,7 @@ unset($dbpasswd);

 // Grab global variables, re-cache if necessary
 $config = $cache->obtain_config();
+$dss_seeded = false;

 // Warn about install/ directory
 if (file_exists('install'))
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -122,29 +122,32 @@ function set_config($config_name, $config_value, $is_dynamic = false)
 /**
 * Generates an alphanumeric random string of given length
 */
-function gen_rand_string($num_chars)
+function gen_rand_string($num_chars = 8)
 {
-	$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+	$rand_str = dss_rand();

-	$max_chars = sizeof($chars) - 1;
-	$rand_str = '';
-	for ($i = 0; $i < $num_chars; $i++)
-	{
-		$rand_str .= $chars[mt_rand(0, $max_chars)];
-	}
-
-	return $rand_str;
+	return substr($rand_str, 0, $num_chars);
 }

 /**
 * Return unique id
-* @param $extra additional entropy for call to mt_srand
+* @param $extra additional entropy
 */
-function unique_id($extra = 0, $prefix = false)
+function unique_id($extra = 'c')
 {
-	list($usec, $sec) = explode(' ', microtime());
-	mt_srand((float) $extra + (float) $sec + ((float) $usec * 100000));
-	return uniqid(($prefix === false) ? mt_rand() : $prefix, true);
+	global $db, $config, $dss_seeded;
+
+	$val = $config['rand_seed'] . microtime();
+	$val = md5($val);
+	$config['rand_seed'] = md5($config['rand_seed'] . $val . $extra);
+   
+	if($dss_seeded !== true)
+	{
+		set_config('rand_seed', $config['rand_seed']);
+		$dss_seeded = true;
+	}
+
+	return substr($val, 4, 16);
 }

 /**
@ -1448,7 +1451,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		
 				// Generate code
 				$code = gen_rand_string(mt_rand(5, 8));
-				$confirm_id = md5(unique_id(0, $user->ip));
+				$confirm_id = md5(unique_id($user->ip));

 				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 					'confirm_id'	=> (string) $confirm_id,
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@ -301,7 +301,7 @@ class messenger
 		$headers .= 'Return-Path: <' . $config['board_email'] . ">\n";
 		$headers .= 'Sender: <' . $config['board_email'] . ">\n";
 		$headers .= "MIME-Version: 1.0\n";
-		$headers .= 'Message-ID: <' . md5(unique_id(0, time())) . "@" . $config['server_name'] . ">\n";
+		$headers .= 'Message-ID: <' . md5(unique_id(time())) . "@" . $config['server_name'] . ">\n";
 		$headers .= 'Date: ' . gmdate('D, d M Y H:i:s T', time()) . "\n";
 		$headers .= "Content-type: text/plain; charset={$this->encoding}\n";
 		$headers .= "Content-transfer-encoding: 8bit\n";
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -425,7 +425,7 @@ class ucp_register
 				$db->sql_freeresult($result);
 		
 				$code = gen_rand_string(mt_rand(5, 8));
-				$confirm_id = md5(unique_id(0, $user->ip));
+				$confirm_id = md5(unique_id($user->ip));

 				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 					'confirm_id'	=> (string) $confirm_id,
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -1105,7 +1105,7 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && ($mode ==

 	// Generate code
 	$code = gen_rand_string(mt_rand(5, 8));
-	$confirm_id = md5(unique_id(0, $user->ip));
+	$confirm_id = md5(unique_id($user->ip));

 	$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 		'confirm_id'	=> (string) $confirm_id,