projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 05b0961)
Implement StringUtil::getRandomID() in terms of a CSPRNG
authorTim Düsterhus <duesterhus@woltlab.com>
Thu, 3 Jan 2019 12:48:04 +0000 (13:48 +0100)
committerTim Düsterhus <duesterhus@woltlab.com>
Thu, 3 Jan 2019 12:48:04 +0000 (13:48 +0100)
wcfsetup/install/files/lib/util/StringUtil.class.php patch | blob | blame | history

diff --git a/wcfsetup/install/files/lib/util/StringUtil.class.php b/wcfsetup/install/files/lib/util/StringUtil.class.php
index c215dd86359fe954fb4649fd9adadcabe1529bdd..36a556687add125ca0eab5f9b67a852d913753db 100644 (file)
--- a/wcfsetup/install/files/lib/util/StringUtil.class.php
+++ b/wcfsetup/install/files/lib/util/StringUtil.class.php
@@ -42,12 +42,12 @@ final class StringUtil {
        }
        
        /**
-        * Creates a random hash.
+        * Returns a 40 character hexadecimal string generated using a CSPRNG.
         * 
         * @return      string
         */
        public static function getRandomID() {
-               return self::getHash(microtime() . uniqid((string) mt_rand(), true));
+               return bin2hex(random_bytes(20));
        }
        
        /**
WoltLab Suite Core (previously WoltLab Community Framework)