Use deterministic tmp hash

diff --git a/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygAttachmentFormField.class.php b/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygAttachmentFormField.class.php
index 0632f146269c2039cc4e5cc7452f919281fed1f9..e0eb9b9d9519112e4dcba04ad412599dfa703920 100644 (file)
--- a/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygAttachmentFormField.class.php
+++ b/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygAttachmentFormField.class.php
@@ -64,7 +64,13 @@ final class WysiwygAttachmentFormField extends AbstractFormField
     {
         if ($attachmentHandler !== null) {
             if ($this->attachmentHandler === null) {
-                $tmpHash = StringUtil::getRandomID();
+                $tmpHash = \sha1(\implode("\0", [
+                    $this->getId(),
+                    $attachmentHandler->getObjectType()->objectType,
+                    $attachmentHandler->getParentObjectID(),
+                    WCF::getUser()->userID ?: WCF::getSession()->sessionID,
+                ]));
+
                 if ($this->getDocument()->isAjax()) {
                     /** @deprecated 5.5 see QuickReplyManager::setTmpHash() */
                     $sessionTmpHash = WCF::getSession()->getVar('__wcfAttachmentTmpHash');