add one catchall function to make uniqids/keyhashes/etc used by tt-rss

2 files changed, 7 insertions, 3 deletions

diff --git a/include/functions.php b/include/functions.php
index c27455220..cecfaeada 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -738,7 +738,7 @@
 
 				$_SESSION["name"] = db_fetch_result($result, 0, "login");
 				$_SESSION["access_level"] = db_fetch_result($result, 0, "access_level");
-				$_SESSION["csrf_token"] = uniqid(rand(), true);
+				$_SESSION["csrf_token"] = uniqid_short();
 
 				db_query("UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
 					$_SESSION["uid"]);
@@ -768,7 +768,7 @@
 			$_SESSION["auth_module"] = false;
 
 			if (!$_SESSION["csrf_token"]) {
-				$_SESSION["csrf_token"] = uniqid(rand(), true);
+				$_SESSION["csrf_token"] = uniqid_short();
 			}
 
 			$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
@@ -1996,6 +1996,10 @@
 		}
 	}
 
+	function uniqid_short() {
+		return uniqid(base_convert(rand(), 10, 36));
+	}
+
 	// TODO: less dumb splitting
 	require_once "functions2.php";
 
diff --git a/include/functions2.php b/include/functions2.php
index 32c97aee4..df8768517 100644
--- a/include/functions2.php
+++ b/include/functions2.php
@@ -1773,7 +1773,7 @@
 		if (db_num_rows($result) == 1) {
 			return db_fetch_result($result, 0, "access_key");
 		} else {
-			$key = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
+			$key = db_escape_string(uniqid_short());
 
 			$result = db_query("INSERT INTO ttrss_access_keys
 				(access_key, feed_id, is_cat, owner_uid)