Vergleich inc/functions.php - 1.4.10 - 1.4.13

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
 * License: http://www.mybboard.net/about/license
 *

 
 * Website: http://www.mybboard.net
 * License: http://www.mybboard.net/about/license
 *

 * $Id: functions.php 4562 2009-11-29 22:04:37Z RyanGordon $

 * $Id: functions.php 4868 2010-04-11 05:15:23Z RyanGordon $

 */

/**

 */

/**

Zeile 154Zeile 154
	// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
	if(!is_object($db))
	{

 
	// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
	if(!is_object($db))
	{

		if(!isset($config))

		if(!isset($config) || empty($config['database']['type']))

		{
			require MYBB_ROOT."inc/config.php";
		}

		{
			require MYBB_ROOT."inc/config.php";
		}

Zeile 2171Zeile 2171

	for($i = 1; $i <= $length; ++$i)
	{

 

	for($i = 1; $i <= $length; ++$i)
	{

		$ch = mt_rand(0, count($set)-1);

		$ch = my_rand(0, count($set)-1);

		$str .= $set[$ch];
	}


		$str .= $set[$ch];
	}


Zeile 5567Zeile 5567
	}
	
	return $count;

 
	}
	
	return $count;

 
}

/**
 * Returns a securely generated seed for PHP's RNG (Random Number Generator)
 *
 * @param int Length of the seed bytes (8 is default. Provides good cryptographic variance)
 * @return int An integer equivilent of a secure hexadecimal seed
 */
function secure_seed_rng($count=8)
{
	$output = '';
	
	// Try the unix/linux method
	if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
	{
		$output = @fread($handle, $count);
		@fclose($handle);
	}
	
	// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
	if(strlen($output) < $count)
	{
		$output = '';
		
		// Close to what PHP basically uses internally to seed, but not quite.
		$unique_state = microtime().@getmypid();
		
		for($i = 0; $i < $count; $i += 16)
		{
			$unique_state = md5(microtime().$unique_state);
			$output .= pack('H*', md5($unique_state));
		}
	}
	
	// /dev/urandom and openssl will always be twice as long as $count. base64_encode will roughly take up 33% more space but crc32 will put it to 32 characters
	$output = hexdec(substr(dechex(crc32(base64_encode($output))), 0, $count));
	
	return $output;
}

/**
 * Wrapper function for mt_rand. Automatically seeds using a secure seed once.
 *
 * @param int Optional lowest value to be returned (default: 0) 
 * @param int Optional highest value to be returned (default: mt_getrandmax()) 
 * @param boolean True forces it to reseed the RNG first
 * @return int An integer equivilent of a secure hexadecimal seed
 */
function my_rand($min=null, $max=null, $force_seed=false)
{
	static $seeded = false;
	static $obfuscator = 0;

	if($seeded == false || $force_seed == true)
	{
		mt_srand(secure_seed_rng());
		$seeded = true;

		$obfuscator = abs((int) secure_seed_rng());
		
		// Ensure that $obfuscator is <= mt_getrandmax() for 64 bit systems.
		if($obfuscator > mt_getrandmax())
		{
			$obfuscator -= mt_getrandmax();
		}
	}

	if($min !== null && $max !== null)
	{
		$distance = $max - $min;
		if ($distance > 0)
		{
			return $min + (int)((float)($distance + 1) * (float)(mt_rand() ^ $obfuscator) / (mt_getrandmax() + 1));
		}
		else
		{
			return mt_rand($min, $max);
		}
	}
	else
	{
		$val = mt_rand() ^ $obfuscator;
		return $val;
	}

}

?>

}

?>