From 7a0e6970b447b270c09e16fc7ee4098f736a7a12 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Thu, 21 Jan 2016 16:35:41 +0100 Subject: Use PHP7 random_bytes to generate RSS Token random_bytes is a PHP 7 function wich has been ported to PHP 5 using paragonie/random_compat --- src/Wallabag/CoreBundle/Tools/Utils.php | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/Wallabag/CoreBundle/Tools/Utils.php b/src/Wallabag/CoreBundle/Tools/Utils.php index a16baca9..71cbc490 100644 --- a/src/Wallabag/CoreBundle/Tools/Utils.php +++ b/src/Wallabag/CoreBundle/Tools/Utils.php @@ -7,20 +7,13 @@ class Utils /** * Generate a token used for RSS. * + * @param integer $length Length of the token + * * @return string */ - public static function generateToken() + public static function generateToken($length = 15) { - if (ini_get('open_basedir') === '') { - if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { - // alternative to /dev/urandom for Windows - $token = substr(base64_encode(uniqid(mt_rand(), true)), 0, 20); - } else { - $token = substr(base64_encode(file_get_contents('/dev/urandom', false, null, 0, 20)), 0, 15); - } - } else { - $token = substr(base64_encode(uniqid(mt_rand(), true)), 0, 20); - } + $token = substr(base64_encode(random_bytes($length)), 0, $length); // remove character which can broken the url return str_replace(array('+', '/'), '', $token); -- cgit v1.2.3