diff options
| author | Andrew Dolgov <[email protected]> | 2014-01-17 13:41:27 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2014-01-17 13:41:27 +0400 |
| commit | 4c63934bacb628789897dc2e599e5aa30e76ccd5 (patch) | |
| tree | 0654fd723f5f0478b4cfa65a9d8e27421b3deae7 | |
| parent | 07083d9caad0073327ef2a39a895965f7a483491 (diff) | |
increase randomness of shared url keys a bit
| -rw-r--r-- | classes/pref/feeds.php | 2 | ||||
| -rw-r--r-- | include/functions.php | 2 | ||||
| -rw-r--r-- | plugins/instances/init.php | 4 | ||||
| -rw-r--r-- | plugins/share/init.php | 4 |
4 files changed, 6 insertions, 6 deletions
diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 05c2b229e..4c51d220c 100644 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -1891,7 +1891,7 @@ class Pref_Feeds extends Handler_Protected { AND owner_uid = " . $owner_uid); if ($this->dbh->num_rows($result) == 1) { - $key = $this->dbh->escape_string(uniqid()); + $key = $this->dbh->escape_string(uniqid(base_convert(rand(), 10, 36))); $this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key' WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat diff --git a/include/functions.php b/include/functions.php index fce15b535..28b7a7c89 100644 --- a/include/functions.php +++ b/include/functions.php @@ -3753,7 +3753,7 @@ if (db_num_rows($result) == 1) { return db_fetch_result($result, 0, "access_key"); } else { - $key = db_escape_string(uniqid()); + $key = db_escape_string(uniqid(base_convert(rand(), 10, 36))); $result = db_query("INSERT INTO ttrss_access_keys (access_key, feed_id, is_cat, owner_uid) diff --git a/plugins/instances/init.php b/plugins/instances/init.php index 069186ad1..2de0e5fd2 100644 --- a/plugins/instances/init.php +++ b/plugins/instances/init.php @@ -407,7 +407,7 @@ class Instances extends Plugin implements IHandler { print "<hr/>"; - $access_key = uniqid(); + $access_key = uniqid(rand(), true); /* Access key */ @@ -439,7 +439,7 @@ class Instances extends Plugin implements IHandler { } function genHash() { - $hash = uniqid(); + $hash = uniqid(base_convert(rand(), 10, 36)); print json_encode(array("hash" => $hash)); } diff --git a/plugins/share/init.php b/plugins/share/init.php index 5fa998757..899677c32 100644 --- a/plugins/share/init.php +++ b/plugins/share/init.php @@ -60,7 +60,7 @@ class Share extends Plugin { function newkey() { $id = db_escape_string($_REQUEST['id']); - $uuid = db_escape_string(uniqid()); + $uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36))); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id' AND owner_uid = " . $_SESSION['uid']); @@ -91,7 +91,7 @@ class Share extends Plugin { $ref_id = db_fetch_result($result, 0, "ref_id"); if (!$uuid) { - $uuid = db_escape_string(uniqid()); + $uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36))); db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param' AND owner_uid = " . $_SESSION['uid']); } |