| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: functions.php 4562 2009-11-29 22:04:37Z RyanGordon $
| * $Id: functions.php 4868 2010-04-11 05:15:23Z RyanGordon $
|
*/
/**
| */
/**
|
| Zeile 154 | Zeile 154 |
|---|
// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
if(!is_object($db))
{
|
// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
if(!is_object($db))
{
|
if(!isset($config))
| if(!isset($config) || empty($config['database']['type']))
|
{
require MYBB_ROOT."inc/config.php";
}
| {
require MYBB_ROOT."inc/config.php";
}
|
| Zeile 2171 | Zeile 2171 |
|---|
for($i = 1; $i <= $length; ++$i)
{
|
for($i = 1; $i <= $length; ++$i)
{
|
$ch = mt_rand(0, count($set)-1);
| $ch = my_rand(0, count($set)-1);
|
$str .= $set[$ch];
}
| $str .= $set[$ch];
}
|
| Zeile 5567 | Zeile 5567 |
|---|
}
return $count;
|
}
return $count;
|
| | }
/**
* Returns a securely generated seed for PHP's RNG (Random Number Generator)
*
* @param int Length of the seed bytes (8 is default. Provides good cryptographic variance)
* @return int An integer equivilent of a secure hexadecimal seed
*/
function secure_seed_rng($count=8)
{
$output = '';
// Try the OpenSSL method first. This is the strongest.
if(function_exists('openssl_random_pseudo_bytes'))
{
$output = openssl_random_pseudo_bytes($count, $strong);
if($strong !== true)
{
$output = '';
}
}
if($output == '')
{
// Then try the unix/linux method
if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
{
$output = @fread($handle, $count);
@fclose($handle);
}
}
// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
if(strlen($output) < $count)
{
$output = '';
// Close to what PHP basically uses internally to seed, but not quite.
$unique_state = microtime().@getmypid();
for($i = 0; $i < $count; $i += 16)
{
$unique_state = md5(microtime().$unique_state);
$output .= pack('H*', md5($unique_state));
}
}
// /dev/urandom and openssl will always be twice as long as $count. base64_encode will roughly take up 33% more space but crc32 will put it to 32 characters
$output = hexdec(substr(dechex(crc32(base64_encode($output))), 0, $count));
return $output;
}
/**
* Wrapper function for mt_rand. Automatically seeds using a secure seed once.
*
* @param int Optional lowest value to be returned (default: 0)
* @param int Optional highest value to be returned (default: mt_getrandmax())
* @param boolean True forces it to reseed the RNG first
* @return int An integer equivilent of a secure hexadecimal seed
*/
function my_rand($min=null, $max=null, $force_seed=false)
{
static $seeded = false;
if($seeded == false || $force_seed == true)
{
mt_srand(secure_seed_rng());
$seeded = true;
}
if($min !== null && $max !== null)
{
return mt_rand($min, $max);
}
else
{
return mt_rand();
}
|
}
?>
| }
?>
|