Use PHP7 random_bytes to generate RSS Token

random_bytes is a PHP 7 function wich has been ported to PHP 5 using paragonie/random_compat
This commit is contained in:
Jeremy Benoist 2016-01-21 16:35:41 +01:00
parent 9aa66d6244
commit 7a0e6970b4
2 changed files with 6 additions and 12 deletions

View file

@ -62,7 +62,8 @@
"wallabag/php-mobi": "~1.0.0", "wallabag/php-mobi": "~1.0.0",
"kphoen/rulerz-bundle": "~0.10", "kphoen/rulerz-bundle": "~0.10",
"guzzlehttp/guzzle": "^5.2.0", "guzzlehttp/guzzle": "^5.2.0",
"doctrine/doctrine-migrations-bundle": "^1.0" "doctrine/doctrine-migrations-bundle": "^1.0",
"paragonie/random_compat": "~1.0"
}, },
"require-dev": { "require-dev": {
"doctrine/doctrine-fixtures-bundle": "~2.2", "doctrine/doctrine-fixtures-bundle": "~2.2",

View file

@ -7,20 +7,13 @@ class Utils
/** /**
* Generate a token used for RSS. * Generate a token used for RSS.
* *
* @param integer $length Length of the token
*
* @return string * @return string
*/ */
public static function generateToken() public static function generateToken($length = 15)
{ {
if (ini_get('open_basedir') === '') { $token = substr(base64_encode(random_bytes($length)), 0, $length);
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
// alternative to /dev/urandom for Windows
$token = substr(base64_encode(uniqid(mt_rand(), true)), 0, 20);
} else {
$token = substr(base64_encode(file_get_contents('/dev/urandom', false, null, 0, 20)), 0, 15);
}
} else {
$token = substr(base64_encode(uniqid(mt_rand(), true)), 0, 20);
}
// remove character which can broken the url // remove character which can broken the url
return str_replace(array('+', '/'), '', $token); return str_replace(array('+', '/'), '', $token);