From 3a3d5f6c2320a90436de241af41fe22df7344728 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Thu, 17 Oct 2013 22:22:16 +0200 Subject: Replace the last rand() with mt_rand() Better entropy, faster. Also fixed a few "it's" typos. --- system/core/Security.php | 4 ++-- system/database/DB_driver.php | 2 +- system/helpers/captcha_helper.php | 14 +++++++------- tests/codeigniter/core/Security_test.php | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index 368e17dc3..6f5f5cb90 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -884,7 +884,7 @@ class CI_Security { { if ($this->_csrf_hash === '') { - // If the cookie exists we will use it's value. + // If the cookie exists we will use its value. // We don't necessarily want to regenerate it with // each page load since a page could contain embedded // sub-pages causing this feature to fail @@ -894,7 +894,7 @@ class CI_Security { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } - $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + $this->_csrf_hash = md5(uniqid(mt_rand(), TRUE)); $this->csrf_set_cookie(); } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 53decf014..618f3660c 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1135,7 +1135,7 @@ abstract class CI_DB_driver { else { /* We have no other choice but to just get the first element's key. - * Due to array_shift() accepting it's argument by reference, if + * Due to array_shift() accepting its argument by reference, if * E_STRICT is on, this would trigger a warning. So we'll have to * assign it first. */ diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 29911dc17..ea46f97b3 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -126,9 +126,9 @@ if ( ! function_exists('create_captcha')) // Determine angle and position // ----------------------------------- $length = strlen($word); - $angle = ($length >= 6) ? rand(-($length-6), ($length-6)) : 0; - $x_axis = rand(6, (360/$length)-16); - $y_axis = ($angle >= 0) ? rand($img_height, $img_width) : rand(6, $img_height); + $angle = ($length >= 6) ? mt_rand(-($length-6), ($length-6)) : 0; + $x_axis = mt_rand(6, (360/$length)-16); + $y_axis = ($angle >= 0) ? mt_rand($img_height, $img_width) : mt_rand(6, $img_height); // Create image // PHP.net recommends imagecreatetruecolor(), but it isn't always available @@ -183,13 +183,13 @@ if ( ! function_exists('create_captcha')) if ($use_font === FALSE) { $font_size = 5; - $x = rand(0, $img_width / ($length / 3)); + $x = mt_rand(0, $img_width / ($length / 3)); $y = 0; } else { $font_size = 16; - $x = rand(0, $img_width / ($length / 1.5)); + $x = mt_rand(0, $img_width / ($length / 1.5)); $y = $font_size + 2; } @@ -197,13 +197,13 @@ if ( ! function_exists('create_captcha')) { if ($use_font === FALSE) { - $y = rand(0 , $img_height / 2); + $y = mt_rand(0 , $img_height / 2); imagestring($im, $font_size, $x, $y, $word[$i], $colors['text']); $x += ($font_size * 2); } else { - $y = rand($img_height / 2, $img_height - 3); + $y = mt_rand($img_height / 2, $img_height - 3); imagettftext($im, $font_size, $angle, $x, $y, $colors['text'], $font_path, $word[$i]); $x += $font_size; } diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 3f6e3b07a..433ad313f 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -5,7 +5,7 @@ class Security_test extends CI_TestCase { public function set_up() { // Set cookie for security test - $_COOKIE['ci_csrf_cookie'] = md5(uniqid(rand(), TRUE)); + $_COOKIE['ci_csrf_cookie'] = md5(uniqid(mt_rand(), TRUE)); // Set config for Security class $this->ci_set_config('csrf_protection', TRUE); -- cgit v1.2.3-24-g4f1b