Vergleich inc/functions.php - 1.4.11 - 1.4.13

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: functions.php 4562 2009-11-29 22:04:37Z RyanGordon $

 * $Id: functions.php 4868 2010-04-11 05:15:23Z RyanGordon $

 */

/**

 */

/**

Zeile 154Zeile 154
	// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
if(!is_object($db))
{

	// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct
if(!is_object($db))
{

		if(!isset($config))

		if(!isset($config) || empty($config['database']['type']))

		{
require MYBB_ROOT."inc/config.php";
}

		{
require MYBB_ROOT."inc/config.php";
}

Zeile 2171Zeile 2171

for($i = 1; $i <= $length; ++$i)
{


for($i = 1; $i <= $length; ++$i)
{

		$ch = mt_rand(0, count($set)-1);

		$ch = my_rand(0, count($set)-1);

		$str .= $set[$ch];
}


		$str .= $set[$ch];
}


Zeile 5567Zeile 5567
	}

return $count;

	}

return $count;

 
}

/**
* Returns a securely generated seed for PHP's RNG (Random Number Generator)
*
* @param int Length of the seed bytes (8 is default. Provides good cryptographic variance)
* @return int An integer equivilent of a secure hexadecimal seed
*/
function secure_seed_rng($count=8)
{
$output = '';

// Try the unix/linux method
if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
{
$output = @fread($handle, $count);
@fclose($handle);
}

// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
if(strlen($output) < $count)
{
$output = '';

// Close to what PHP basically uses internally to seed, but not quite.
$unique_state = microtime().@getmypid();

for($i = 0; $i < $count; $i += 16)
{
$unique_state = md5(microtime().$unique_state);
$output .= pack('H*', md5($unique_state));
}
}

// /dev/urandom and openssl will always be twice as long as $count. base64_encode will roughly take up 33% more space but crc32 will put it to 32 characters
$output = hexdec(substr(dechex(crc32(base64_encode($output))), 0, $count));

return $output;
}

/**
* Wrapper function for mt_rand. Automatically seeds using a secure seed once.
*
* @param int Optional lowest value to be returned (default: 0)
* @param int Optional highest value to be returned (default: mt_getrandmax())
* @param boolean True forces it to reseed the RNG first
* @return int An integer equivilent of a secure hexadecimal seed
*/
function my_rand($min=null, $max=null, $force_seed=false)
{
static $seeded = false;
static $obfuscator = 0;

if($seeded == false || $force_seed == true)
{
mt_srand(secure_seed_rng());
$seeded = true;

$obfuscator = abs((int) secure_seed_rng());

// Ensure that $obfuscator is <= mt_getrandmax() for 64 bit systems.
if($obfuscator > mt_getrandmax())
{
$obfuscator -= mt_getrandmax();
}
}

if($min !== null && $max !== null)
{
$distance = $max - $min;
if ($distance > 0)
{
return $min + (int)((float)($distance + 1) * (float)(mt_rand() ^ $obfuscator) / (mt_getrandmax() + 1));
}
else
{
return mt_rand($min, $max);
}
}
else
{
$val = mt_rand() ^ $obfuscator;
return $val;
}

}

?>

}

?>