diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-11-17 20:04:49 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-11-17 20:04:49 +0000 |
| commit | e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9 (patch) | |
| tree | d95019f35104d9518d7159c2aae077ea8aa0bae0 /phpBB/includes/functions.php | |
| parent | 056d24a0bd8b3d4998fcbca51cffc525778b2d38 (diff) | |
| download | forums-e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9.tar forums-e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9.tar.gz forums-e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9.tar.bz2 forums-e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9.tar.xz forums-e2e56acca918ceb3cfd1a64a8ec91a788ae4a5f9.zip | |
some further fixes
- re-introduce grabbing random number from /dev/urandom
git-svn-id: file:///svn/phpbb/trunk@8241 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 5ef95761e0..668fc9d0e0 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -270,13 +270,24 @@ function phpbb_hash($password) $random = ''; $count = 6; - for ($i = 0; $i < $count; $i += 16) + if (($fh = @fopen('/dev/urandom', 'rb'))) { - $random_state = md5(unique_id() . $random_state); - $random .= pack('H*', md5($random_state)); + $random = fread($fh, $count); + fclose($fh); } - $random = substr($random, 0, $count); + if (strlen($random) < $count) + { + $random = ''; + + for ($i = 0; $i < $count; $i += 16) + { + $random_state = md5(unique_id() . $random_state); + $random .= pack('H*', md5($random_state)); + } + $random = substr($random, 0, $count); + } + $hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64); if (strlen($hash) == 34) @@ -2867,6 +2878,12 @@ function msg_handler($errno, $msg_text, $errfile, $errline) global $cache, $db, $auth, $template, $config, $user; global $phpEx, $phpbb_root_path, $msg_title, $msg_long_text; + // Do not display notices if we suppress them via @ + if (error_reporting() == 0) + { + return; + } + // Message handler is stripping text. In case we need it, we are possible to define long text... if (isset($msg_long_text) && $msg_long_text && !$msg_text) { @@ -2879,9 +2896,8 @@ function msg_handler($errno, $msg_text, $errfile, $errline) case E_WARNING: // Check the error reporting level and return if the error level does not match - // Additionally do not display notices if we suppress them via @ // If DEBUG is defined the default level is E_ALL - if (($errno & ((defined('DEBUG') && error_reporting()) ? E_ALL : error_reporting())) == 0) + if (($errno & ((defined('DEBUG')) ? E_ALL : error_reporting())) == 0) { return; } |