#5734

- replaced array_rand($array) with mt_rand(0, sizeof($array) - 1) as array_rand did not take my seed git-svn-id: file:///svn/phpbb/trunk@6705 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-05 15:16:16 +02:00 · 2006-12-03 17:36:59 +00:00 · 2006-12-03 17:36:59 +00:00 · ec80eb74aa
commit ec80eb74aa
parent 1f7224c601
15 changed files with 65 additions and 15 deletions
--- a/phpBB/develop/create_schema_files.php
+++ b/phpBB/develop/create_schema_files.php
@ -949,6 +949,7 @@ function get_schema_struct()
 			'session_id'		=> array('CHAR:32', ''),
 			'confirm_type'		=> array('TINT:3', 0),
 			'code'				=> array('VCHAR:8', ''),
+			'seed'				=> array('UINT:10', 0),
 		),
 		'PRIMARY_KEY'	=> array('session_id', 'confirm_id'),
 		'KEYS'			=> array(
--- a/phpBB/includes/captcha/captcha_gd.php
+++ b/phpBB/includes/captcha/captcha_gd.php
@ -19,7 +19,7 @@ class captcha
 	var $width = 360;
 	var $height = 96;

-	function execute($code)
+	function execute($code, $seed)
 	{
 		global $config;
 		$stats = gd_info();
@ -48,6 +48,9 @@ class captcha
 			imageantialias($image, true);
 		}

+		// seed the random generator
+		mt_srand($seed);
+
 		// set background color
 		$back =  imagecolorallocate($image, mt_rand(224, 255), mt_rand(224, 255), mt_rand(224, 255));
 		imagefilledrectangle($image, 0, 0, $this->width, $this->height, $back);
@ -79,7 +82,7 @@ class captcha
 				$x		= mt_rand(0, 360);
 				$y		= mt_rand(0, (int)($this->height - ($size / 5)));
 				$color	= $func2($image, mt_rand(160, 224), mt_rand(160, 224), mt_rand(160, 224));
-				$text	= $chars_allowed[array_rand($chars_allowed)];
+				$text	= $chars_allowed[mt_rand(0, sizeof($chars_allowed) - 1)];
 				imagettftext($image, $size, $angle, $x, $y, $color, $this->get_font(), $text);
 			}
 			unset($chars_allowed);
@ -145,7 +148,7 @@ class captcha
 			closedir($dr);
 		}

-		return $fonts[array_rand($fonts)];
+		return $fonts[mt_rand(0, sizeof($fonts) - 1)];
 	}
 }

--- a/phpBB/includes/captcha/captcha_non_gd.php
+++ b/phpBB/includes/captcha/captcha_non_gd.php
@ -30,15 +30,14 @@ class captcha
 	}

 	/**
-	* Create the image containing $code
+	* Create the image containing $code with a seed of $seed
 	*/
-	function execute($code)
+	function execute($code, $seed)
 	{
 		$img_height = $this->height - 10;
 		$img_width = 0;

-		list($usec, $sec) = explode(' ', microtime()); 
-		mt_srand($sec * $usec);
+		mt_srand($seed);

 		$char_widths = $hold_chars = array();
 		$code_len = strlen($code);
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -1903,12 +1903,14 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 				// Generate code
 				$code = gen_rand_string(mt_rand(5, 8));
 				$confirm_id = md5(unique_id($user->ip));
+				$seed = hexdec(substr(unique_id(), 4, 10));

 				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 					'confirm_id'	=> (string) $confirm_id,
 					'session_id'	=> (string) $user->session_id,
 					'confirm_type'	=> (int) CONFIRM_LOGIN,
-					'code'			=> (string) $code)
+					'code'			=> (string) $code,
+					'seed'			=> (int) $seed)
 				);
 				$db->sql_query($sql);

--- a/phpBB/includes/ucp/ucp_confirm.php
+++ b/phpBB/includes/ucp/ucp_confirm.php
@ -39,7 +39,7 @@ class ucp_confirm
 		}

 		// Try and grab code for this id and session
-		$sql = 'SELECT code  
+		$sql = 'SELECT code, seed
 			FROM ' . CONFIRM_TABLE . " 
 			WHERE session_id = '" . $db->sql_escape($user->session_id) . "' 
 				AND confirm_id = '" . $db->sql_escape($confirm_id) . "'
@ -64,7 +64,7 @@ class ucp_confirm
 		}

 		$captcha = new captcha();
-		$captcha->execute($row['code']);
+		$captcha->execute($row['code'], $row['seed']);
 		exit;
 	}
 }
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -441,12 +441,14 @@ class ucp_register

 				$code = gen_rand_string(mt_rand(5, 8));
 				$confirm_id = md5(unique_id($user->ip));
+				$seed = hexdec(substr(unique_id(), 4, 10));

 				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 					'confirm_id'	=> (string) $confirm_id,
 					'session_id'	=> (string) $user->session_id,
 					'confirm_type'	=> (int) CONFIRM_REG,
-					'code'			=> (string) $code)
+					'code'			=> (string) $code,
+					'seed'			=> (int) $seed)
 				);
 				$db->sql_query($sql);
 			}
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@ -196,6 +196,33 @@ $dbms_type_map = array(
 		'VARBINARY'	=> '[varchar] (255)',
 	),

+	'db2'		=> array(
+		'INT:'		=> 'integer',
+		'BINT'		=> 'float',
+		'UINT'		=> 'integer',
+		'UINT:'		=> 'integer',
+		'TINT:'		=> 'smallint',
+		'USINT'		=> 'smallint',
+		'BOOL'		=> 'smallint',
+		'VCHAR'		=> 'varchar(255)',
+		'VCHAR:'	=> 'varchar(%d)',
+		'CHAR:'		=> 'char(%d)',
+		'XSTEXT'	=> 'varchar(1000)',
+		'STEXT'		=> 'varchar(3000)',
+		'TEXT'		=> 'varchar(8000)',
+		'MTEXT'		=> 'varchar(32672)',
+		'XSTEXT_UNI'=> 'varchar(100)',
+		'STEXT_UNI'	=> 'varchar(255)',
+		'TEXT_UNI'	=> 'varchar(4000)',
+		'MTEXT_UNI'	=> 'varchar(32672)',
+		'TIMESTAMP'	=> 'integer',
+		'DECIMAL'	=> 'float',
+		'VCHAR_UNI'	=> 'varchar(255)',
+		'VCHAR_UNI:'=> 'varchar(%d)',
+		'VCHAR_CI'	=> 'varchar(255)',
+		'VARBINARY'	=> 'varchar(255)',
+	),
+
 	'oracle'	=> array(
 		'INT:'		=> 'number(%d)',
 		'BINT'		=> 'number(20)',
@ -308,7 +335,14 @@ $database_update_info = array(
 		),
 	),
 	// Latest version
-	'3.0.b4'			=> array(),
+	'3.0.b4'			=> array(
+		// Add the following columns
+		'add_columns'		=> array(
+			CONFIRM_TABLE		=> array(
+				'seed'				=> array('UINT:10', 0),
+			),
+		),
+	),
 );

 // Determine mapping database type
--- a/phpBB/install/schemas/firebird_schema.sql
+++ b/phpBB/install/schemas/firebird_schema.sql
@ -226,7 +226,8 @@ CREATE TABLE phpbb_confirm (
 	confirm_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,
 	session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,
 	confirm_type INTEGER DEFAULT 0 NOT NULL,
-	code VARCHAR(8) CHARACTER SET NONE DEFAULT '' NOT NULL
+	code VARCHAR(8) CHARACTER SET NONE DEFAULT '' NOT NULL,
+	seed INTEGER DEFAULT 0 NOT NULL
 );;

 ALTER TABLE phpbb_confirm ADD PRIMARY KEY (session_id, confirm_id);;
--- a/phpBB/install/schemas/mssql_schema.sql
+++ b/phpBB/install/schemas/mssql_schema.sql
@ -292,7 +292,8 @@ CREATE TABLE [phpbb_confirm] (
 	[confirm_id] [char] (32) DEFAULT ('') NOT NULL ,
 	[session_id] [char] (32) DEFAULT ('') NOT NULL ,
 	[confirm_type] [int] DEFAULT (0) NOT NULL ,
-	[code] [varchar] (8) DEFAULT ('') NOT NULL 
+	[code] [varchar] (8) DEFAULT ('') NOT NULL ,
+	[seed] [int] DEFAULT (0) NOT NULL 
 ) ON [PRIMARY]
 GO

--- a/phpBB/install/schemas/mysql_40_schema.sql
+++ b/phpBB/install/schemas/mysql_40_schema.sql
@ -163,6 +163,7 @@ CREATE TABLE phpbb_confirm (
 	session_id char(32) DEFAULT '' NOT NULL,
 	confirm_type tinyint(3) DEFAULT '0' NOT NULL,
 	code varchar(8) DEFAULT '' NOT NULL,
+	seed int(10) UNSIGNED DEFAULT '0' NOT NULL,
 	PRIMARY KEY (session_id, confirm_id),
 	KEY confirm_type (confirm_type)
 );
--- a/phpBB/install/schemas/mysql_41_schema.sql
+++ b/phpBB/install/schemas/mysql_41_schema.sql
@ -163,6 +163,7 @@ CREATE TABLE phpbb_confirm (
 	session_id char(32) DEFAULT '' NOT NULL,
 	confirm_type tinyint(3) DEFAULT '0' NOT NULL,
 	code varchar(8) DEFAULT '' NOT NULL,
+	seed int(10) UNSIGNED DEFAULT '0' NOT NULL,
 	PRIMARY KEY (session_id, confirm_id),
 	KEY confirm_type (confirm_type)
 ) CHARACTER SET `utf8` COLLATE `utf8_bin`;
--- a/phpBB/install/schemas/oracle_schema.sql
+++ b/phpBB/install/schemas/oracle_schema.sql
@ -337,6 +337,7 @@ CREATE TABLE phpbb_confirm (
 	session_id char(32) DEFAULT '' ,
 	confirm_type number(3) DEFAULT '0' NOT NULL,
 	code varchar2(8) DEFAULT '' ,
+	seed number(10) DEFAULT '0' NOT NULL,
 	CONSTRAINT pk_phpbb_confirm PRIMARY KEY (session_id, confirm_id)
 )
 /
--- a/phpBB/install/schemas/postgres_schema.sql
+++ b/phpBB/install/schemas/postgres_schema.sql
@ -275,6 +275,7 @@ CREATE TABLE phpbb_confirm (
 	session_id char(32) DEFAULT '' NOT NULL,
 	confirm_type INT2 DEFAULT '0' NOT NULL,
 	code varchar(8) DEFAULT '' NOT NULL,
+	seed INT4 DEFAULT '0' NOT NULL CHECK (seed >= 0),
 	PRIMARY KEY (session_id, confirm_id)
 );

--- a/phpBB/install/schemas/sqlite_schema.sql
+++ b/phpBB/install/schemas/sqlite_schema.sql
@ -160,6 +160,7 @@ CREATE TABLE phpbb_confirm (
 	session_id char(32) NOT NULL DEFAULT '',
 	confirm_type tinyint(3) NOT NULL DEFAULT '0',
 	code varchar(8) NOT NULL DEFAULT '',
+	seed INTEGER UNSIGNED NOT NULL DEFAULT '0',
 	PRIMARY KEY (session_id, confirm_id)
 );

--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -1128,12 +1128,14 @@ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && $solved_c
 	// Generate code
 	$code = gen_rand_string(mt_rand(5, 8));
 	$confirm_id = md5(unique_id($user->ip));
+	$seed = hexdec(substr(unique_id(), 4, 10));

 	$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 		'confirm_id'	=> (string) $confirm_id,
 		'session_id'	=> (string) $user->session_id,
 		'confirm_type'	=> (int) CONFIRM_POST,
-		'code'			=> (string) $code)
+		'code'			=> (string) $code,
+		'seed'			=> (int) $seed)
 	);
 	$db->sql_query($sql);