From 0612756dd37a3472259a19814e1a9bb403ab6e11 Mon Sep 17 00:00:00 2001
From: vlakoff <vlakoff@gmail.com>
Date: Sat, 30 Mar 2013 00:06:39 +0100
Subject: Some cleanup related to mt_rand()

- min and max values are 0 and mt_getrandmax() by default
- remove useless mt_srand() seed calls
---
 system/core/Common.php   | 2 +-
 system/core/Security.php | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index efa7a9380..b4f0c388e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -92,7 +92,7 @@ if ( ! function_exists('is_really_writable'))
 		 */
 		if (is_dir($file))
 		{
-			$file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100));
+			$file = rtrim($file, '/').'/'.md5(mt_rand());
 			if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE)
 			{
 				return FALSE;
diff --git a/system/core/Security.php b/system/core/Security.php
index 7aae54efc..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -488,8 +488,7 @@ class CI_Security {
 	{
 		if ($this->_xss_hash === '')
 		{
-			mt_srand();
-			$this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
+			$this->_xss_hash = md5(uniqid(mt_rand()));
 		}
 
 		return $this->_xss_hash;
-- 
cgit v1.2.3-24-g4f1b