mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 07:35:29 +02:00
Code Issues Releases Wiki Activity

#5734

Browse Source 
- replaced array_rand($array) with mt_rand(0, sizeof($array) - 1) as array_rand did not take my seed


git-svn-id: file:///svn/phpbb/trunk@6705 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
David M 2006-12-03 17:36:59 +00:00
parent 1f7224c601
commit ec80eb74aa
15 changed files with 65 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
phpBB/develop/create_schema_files.php
View File

@ -949,6 +949,7 @@ function get_schema_struct()
'session_id' => array('CHAR:32', ''), 'session_id' => array('CHAR:32', ''),
'confirm_type' => array('TINT:3', 0), 'confirm_type' => array('TINT:3', 0),
'code' => array('VCHAR:8', ''), 'code' => array('VCHAR:8', ''),
'seed' => array('UINT:10', 0),
), ),
'PRIMARY_KEY' => array('session_id', 'confirm_id'), 'PRIMARY_KEY' => array('session_id', 'confirm_id'),
'KEYS' => array( 'KEYS' => array(

9
phpBB/includes/captcha/captcha_gd.php
View File

@ -19,7 +19,7 @@ class captcha
var $width = 360; var $width = 360;
var $height = 96; var $height = 96;
function execute($code) function execute($code, $seed)
{ {
global $config; global $config;
$stats = gd_info(); $stats = gd_info();
@ -48,6 +48,9 @@ class captcha
imageantialias($image, true); imageantialias($image, true);
} }
// seed the random generator
mt_srand($seed);
// set background color // set background color
$back = imagecolorallocate($image, mt_rand(224, 255), mt_rand(224, 255), mt_rand(224, 255)); $back = imagecolorallocate($image, mt_rand(224, 255), mt_rand(224, 255), mt_rand(224, 255));
imagefilledrectangle($image, 0, 0, $this->width, $this->height, $back); imagefilledrectangle($image, 0, 0, $this->width, $this->height, $back);
@ -79,7 +82,7 @@ class captcha
$x = mt_rand(0, 360); $x = mt_rand(0, 360);
$y = mt_rand(0, (int)($this->height - ($size / 5))); $y = mt_rand(0, (int)($this->height - ($size / 5)));
$color = $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224)); $color = $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224));
$text = $chars_allowed[array_rand($chars_allowed)]; $text = $chars_allowed[mt_rand(0, sizeof($chars_allowed) - 1)];
imagettftext($image, $size, $angle, $x, $y, $color, $this->get_font(), $text); imagettftext($image, $size, $angle, $x, $y, $color, $this->get_font(), $text);
} }
unset($chars_allowed); unset($chars_allowed);
@ -145,7 +148,7 @@ class captcha
closedir($dr); closedir($dr);
} }
return $fonts[array_rand($fonts)]; return $fonts[mt_rand(0, sizeof($fonts) - 1)];
} }
} }

7
phpBB/includes/captcha/captcha_non_gd.php
View File

@ -30,15 +30,14 @@ class captcha
} }
/** /**
* Create the image containing $code * Create the image containing $code with a seed of $seed
*/ */
function execute($code) function execute($code, $seed)
{ {
$img_height = $this->height - 10; $img_height = $this->height - 10;
$img_width = 0; $img_width = 0;
list($usec, $sec) = explode(' ', microtime()); mt_srand($seed);
mt_srand($sec * $usec);
$char_widths = $hold_chars = array(); $char_widths = $hold_chars = array();
$code_len = strlen($code); $code_len = strlen($code);

4
phpBB/includes/functions.php
View File

@ -1903,12 +1903,14 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
// Generate code // Generate code
$code = gen_rand_string(mt_rand(5, 8)); $code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip)); $confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id, 'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id, 'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_LOGIN, 'confirm_type' => (int) CONFIRM_LOGIN,
'code' => (string) $code) 'code' => (string) $code,
'seed' => (int) $seed)
); );
$db->sql_query($sql); $db->sql_query($sql);

4
phpBB/includes/ucp/ucp_confirm.php
View File

@ -39,7 +39,7 @@ class ucp_confirm
} }
// Try and grab code for this id and session // Try and grab code for this id and session
$sql = 'SELECT code $sql = 'SELECT code, seed
FROM ' . CONFIRM_TABLE . " FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "' WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_id = '" . $db->sql_escape($confirm_id) . "' AND confirm_id = '" . $db->sql_escape($confirm_id) . "'
@ -64,7 +64,7 @@ class ucp_confirm
} }
$captcha = new captcha(); $captcha = new captcha();
$captcha->execute($row['code']); $captcha->execute($row['code'], $row['seed']);
exit; exit;
} }
} }

4
phpBB/includes/ucp/ucp_register.php
View File

@ -441,12 +441,14 @@ class ucp_register
$code = gen_rand_string(mt_rand(5, 8)); $code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip)); $confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id, 'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id, 'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_REG, 'confirm_type' => (int) CONFIRM_REG,
'code' => (string) $code) 'code' => (string) $code,
'seed' => (int) $seed)
); );
$db->sql_query($sql); $db->sql_query($sql);
} }

36
phpBB/install/database_update.php
View File

@ -196,6 +196,33 @@ $dbms_type_map = array(
'VARBINARY' => '[varchar] (255)', 'VARBINARY' => '[varchar] (255)',
), ),
'db2' => array(
'INT:' => 'integer',
'BINT' => 'float',
'UINT' => 'integer',
'UINT:' => 'integer',
'TINT:' => 'smallint',
'USINT' => 'smallint',
'BOOL' => 'smallint',
'VCHAR' => 'varchar(255)',
'VCHAR:' => 'varchar(%d)',
'CHAR:' => 'char(%d)',
'XSTEXT' => 'varchar(1000)',
'STEXT' => 'varchar(3000)',
'TEXT' => 'varchar(8000)',
'MTEXT' => 'varchar(32672)',
'XSTEXT_UNI'=> 'varchar(100)',
'STEXT_UNI' => 'varchar(255)',
'TEXT_UNI' => 'varchar(4000)',
'MTEXT_UNI' => 'varchar(32672)',
'TIMESTAMP' => 'integer',
'DECIMAL' => 'float',
'VCHAR_UNI' => 'varchar(255)',
'VCHAR_UNI:'=> 'varchar(%d)',
'VCHAR_CI' => 'varchar(255)',
'VARBINARY' => 'varchar(255)',
),
'oracle' => array( 'oracle' => array(
'INT:' => 'number(%d)', 'INT:' => 'number(%d)',
'BINT' => 'number(20)', 'BINT' => 'number(20)',
@ -308,7 +335,14 @@ $database_update_info = array(
), ),
), ),
// Latest version // Latest version
'3.0.b4' => array(), '3.0.b4' => array(
// Add the following columns
'add_columns' => array(
CONFIRM_TABLE => array(
'seed' => array('UINT:10', 0),
),
),
),
); );
// Determine mapping database type // Determine mapping database type

3
phpBB/install/schemas/firebird_schema.sql
View File

@ -226,7 +226,8 @@ CREATE TABLE phpbb_confirm (
confirm_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, confirm_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,
session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL, session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,
confirm_type INTEGER DEFAULT 0 NOT NULL, confirm_type INTEGER DEFAULT 0 NOT NULL,
code VARCHAR(8) CHARACTER SET NONE DEFAULT '' NOT NULL code VARCHAR(8) CHARACTER SET NONE DEFAULT '' NOT NULL,
seed INTEGER DEFAULT 0 NOT NULL
);; );;
ALTER TABLE phpbb_confirm ADD PRIMARY KEY (session_id, confirm_id);; ALTER TABLE phpbb_confirm ADD PRIMARY KEY (session_id, confirm_id);;

3
phpBB/install/schemas/mssql_schema.sql
View File

@ -292,7 +292,8 @@ CREATE TABLE [phpbb_confirm] (
[confirm_id] [char] (32) DEFAULT ('') NOT NULL , [confirm_id] [char] (32) DEFAULT ('') NOT NULL ,
[session_id] [char] (32) DEFAULT ('') NOT NULL , [session_id] [char] (32) DEFAULT ('') NOT NULL ,
[confirm_type] [int] DEFAULT (0) NOT NULL , [confirm_type] [int] DEFAULT (0) NOT NULL ,
[code] [varchar] (8) DEFAULT ('') NOT NULL [code] [varchar] (8) DEFAULT ('') NOT NULL ,
[seed] [int] DEFAULT (0) NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO

1
phpBB/install/schemas/mysql_40_schema.sql
View File

@ -163,6 +163,7 @@ CREATE TABLE phpbb_confirm (
session_id char(32) DEFAULT '' NOT NULL, session_id char(32) DEFAULT '' NOT NULL,
confirm_type tinyint(3) DEFAULT '0' NOT NULL, confirm_type tinyint(3) DEFAULT '0' NOT NULL,
code varchar(8) DEFAULT '' NOT NULL, code varchar(8) DEFAULT '' NOT NULL,
seed int(10) UNSIGNED DEFAULT '0' NOT NULL,
PRIMARY KEY (session_id, confirm_id), PRIMARY KEY (session_id, confirm_id),
KEY confirm_type (confirm_type) KEY confirm_type (confirm_type)
); );

1
phpBB/install/schemas/mysql_41_schema.sql
View File

@ -163,6 +163,7 @@ CREATE TABLE phpbb_confirm (
session_id char(32) DEFAULT '' NOT NULL, session_id char(32) DEFAULT '' NOT NULL,
confirm_type tinyint(3) DEFAULT '0' NOT NULL, confirm_type tinyint(3) DEFAULT '0' NOT NULL,
code varchar(8) DEFAULT '' NOT NULL, code varchar(8) DEFAULT '' NOT NULL,
seed int(10) UNSIGNED DEFAULT '0' NOT NULL,
PRIMARY KEY (session_id, confirm_id), PRIMARY KEY (session_id, confirm_id),
KEY confirm_type (confirm_type) KEY confirm_type (confirm_type)
) CHARACTER SET `utf8` COLLATE `utf8_bin`; ) CHARACTER SET `utf8` COLLATE `utf8_bin`;

1
phpBB/install/schemas/oracle_schema.sql
View File

@ -337,6 +337,7 @@ CREATE TABLE phpbb_confirm (
session_id char(32) DEFAULT '' , session_id char(32) DEFAULT '' ,
confirm_type number(3) DEFAULT '0' NOT NULL, confirm_type number(3) DEFAULT '0' NOT NULL,
code varchar2(8) DEFAULT '' , code varchar2(8) DEFAULT '' ,
seed number(10) DEFAULT '0' NOT NULL,
CONSTRAINT pk_phpbb_confirm PRIMARY KEY (session_id, confirm_id) CONSTRAINT pk_phpbb_confirm PRIMARY KEY (session_id, confirm_id)
) )
/ /

1
phpBB/install/schemas/postgres_schema.sql
View File

@ -275,6 +275,7 @@ CREATE TABLE phpbb_confirm (
session_id char(32) DEFAULT '' NOT NULL, session_id char(32) DEFAULT '' NOT NULL,
confirm_type INT2 DEFAULT '0' NOT NULL, confirm_type INT2 DEFAULT '0' NOT NULL,
code varchar(8) DEFAULT '' NOT NULL, code varchar(8) DEFAULT '' NOT NULL,
seed INT4 DEFAULT '0' NOT NULL CHECK (seed >= 0),
PRIMARY KEY (session_id, confirm_id) PRIMARY KEY (session_id, confirm_id)
); );

1
phpBB/install/schemas/sqlite_schema.sql
View File

@ -160,6 +160,7 @@ CREATE TABLE phpbb_confirm (
session_id char(32) NOT NULL DEFAULT '', session_id char(32) NOT NULL DEFAULT '',
confirm_type tinyint(3) NOT NULL DEFAULT '0', confirm_type tinyint(3) NOT NULL DEFAULT '0',
code varchar(8) NOT NULL DEFAULT '', code varchar(8) NOT NULL DEFAULT '',
seed INTEGER UNSIGNED NOT NULL DEFAULT '0',
PRIMARY KEY (session_id, confirm_id) PRIMARY KEY (session_id, confirm_id)
); );

4
phpBB/posting.php
View File

@ -1128,12 +1128,14 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && $solved_c
// Generate code // Generate code
$code = gen_rand_string(mt_rand(5, 8)); $code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip)); $confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id, 'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id, 'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_POST, 'confirm_type' => (int) CONFIRM_POST,
'code' => (string) $code) 'code' => (string) $code,
'seed' => (int) $seed)
); );
$db->sql_query($sql); $db->sql_query($sql);