Merge pull request #5245 from rubencm/ticket/15693

[ticket/15693] Fix get_rand_string()
author: Marc Alexander <admin@m-a-styles.de> 2018-06-17 15:44:28 +0200
committer: Marc Alexander <admin@m-a-styles.de> 2018-06-17 15:44:28 +0200
commit: 02cbb864a5b6df62e978a69c368c8ec5ca35d8a3 (patch)
tree: e604967ada13a1ec9c3a1674bdd5a6f85fce7d9d /phpBB
parent: 7245bc9977235d7165d35a5671ccb5b22fc042e2 (diff)
parent: 9e50e52fa5c72ee668c0d4c43b15e441f31ada5c (diff)
download: forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar
forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.gz
forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.bz2
forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.xz
forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 4aae84705b..270d513a26 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -66,23 +66,27 @@ function set_var(&$result, $var, $type, $multibyte = false)
 /**
 * Generates an alphanumeric random string of given length
 *
+* @param int $num_chars Length of random string, defaults to 8
+*
 * @return string
 */
 function gen_rand_string($num_chars = 8)
 {
 	// [a, z] + [0, 9] = 36
-	return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars);
+	return substr(strtoupper(base_convert(bin2hex(random_bytes($num_chars)), 16, 36)), 0, $num_chars);
 }
 
 /**
 * Generates a user-friendly alphanumeric random string of given length
 * We remove 0 and O so users cannot confuse those in passwords etc.
 *
+* @param int $num_chars Length of random string, defaults to 8
+*
 * @return string
 */
 function gen_rand_string_friendly($num_chars = 8)
 {
-	$rand_str = unique_id();
+	$rand_str = bin2hex(random_bytes($num_chars));
 
 	// Remove Z and Y from the base_convert(), replace 0 with Z and O with Y
 	// [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34
author	Marc Alexander <admin@m-a-styles.de>	2018-06-17 15:44:28 +0200
committer	Marc Alexander <admin@m-a-styles.de>	2018-06-17 15:44:28 +0200
commit	02cbb864a5b6df62e978a69c368c8ec5ca35d8a3 (patch)
tree	e604967ada13a1ec9c3a1674bdd5a6f85fce7d9d /phpBB
parent	7245bc9977235d7165d35a5671ccb5b22fc042e2 (diff)
parent	9e50e52fa5c72ee668c0d4c43b15e441f31ada5c (diff)
download	forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.gz forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.bz2 forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.tar.xz forums-02cbb864a5b6df62e978a69c368c8ec5ca35d8a3.zip