From 0792bf98bde273fa8d0d80f591068123088ad071 Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov"
Date: Tue, 29 Oct 2013 02:57:43 +0400
Subject: [PATCH] Implement more secure methods for the generation of tokens

---
 src/mibew/libs/classes/request_processor.php | 1 +
 src/mibew/libs/classes/thread.php | 9 ++++++++-
 src/mibew/operator/restore.php | 2 +-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/mibew/libs/classes/request_processor.php b/src/mibew/libs/classes/request_processor.php
index f3aebb0d..8f6b64fc 100644
--- a/src/mibew/libs/classes/request_processor.php
+++ b/src/mibew/libs/classes/request_processor.php
@@ -270,6 +270,7 @@ abstract class RequestProcessor {
 }
 
 // Create request
+// TODO: evaluate a possibility of using more secure method of the generation of token
 $token = md5(microtime() . rand());
 $request = array(
 'token' => $token,
diff --git a/src/mibew/libs/classes/thread.php b/src/mibew/libs/classes/thread.php
index 5a37db78..6ceda2c8 100644
--- a/src/mibew/libs/classes/thread.php
+++ b/src/mibew/libs/classes/thread.php
@@ -463,7 +463,14 @@ Class Thread {
 * @return int Thread token
 */
 protected static function nextToken() {
-return rand(99999, 99999999);
+if (function_exists('openssl_random_pseudo_bytes')) {
+$token_arr = unpack('N', "\x0" . openssl_random_pseudo_bytes(3));
+$token = $token_arr[1];
+}
+else {
+$token = mt_rand(99999, 99999999);
+}
+return $token;
 }
 
 /**
diff --git a/src/mibew/operator/restore.php b/src/mibew/operator/restore.php
index a11809d3..2faeb5f1 100644
--- a/src/mibew/operator/restore.php
+++ b/src/mibew/operator/restore.php
@@ -38,7 +38,7 @@ if (isset($_POST['loginoremail'])) {
 }
 
 if (count($errors) == 0) {
-$token = md5((time() + microtime()) . rand(0, 99999999));
+$token = sha1($torestore['vclogin'] . (function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(32) : (time() + microtime()) . mt_rand(0, 99999999)));
 $db = Database::getInstance();
 $db->query(
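Review bot: The request token on the line right after the added TODO is still `md5(microtime() . rand())`, so this hunk only documents the weakness the commit title says it fixes: `rand()` is not a cryptographic generator and `microtime()` is guessable to within the request's arrival window. The same OpenSSL-with-fallback shape the commit uses in the other two files fits here and keeps the 32-hex-character format callers may expect: `$token = function_exists('openssl_random_pseudo_bytes') ? bin2hex(openssl_random_pseudo_bytes(16)) : md5(microtime() . mt_rand());`. Whether this token is ever matched against a client-supplied value is not visible in the hunk, so its actual exposure depends on what the consumer of `$request['token']` does with it; the enclosing method begins before the hunk.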
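Review bot: The OpenSSL branch of nextToken() produces only 24 bits of token (`"\x0"` plus three random bytes unpacked as `N` gives 0..16777215), which is a smaller space than both the removed `rand(99999, 99999999)` and the `mt_rand` fallback kept below it, so on hosts with OpenSSL the token becomes easier to guess or collide than before and can also be 0 or a very short number the fallback never yields. The call also ignores the `$crypto_strong` out-parameter of `openssl_random_pseudo_bytes`, which on some builds reports that the bytes did not come from a strong source, and the `false` return on failure would be silently unpacked. I would read four bytes, mask to a non-negative 31-bit value (assuming the column that stores the token is a signed 32-bit integer, which is not visible here) and fall back only when OpenSSL is missing or reports weak output, with a comment noting that `mt_rand()` is not cryptographically secure.
```php
protected static function nextToken() {
    $token = null;
    if (function_exists('openssl_random_pseudo_bytes')) {
        $bytes = openssl_random_pseudo_bytes(4, $strong);
        if ($bytes !== false && $strong) {
            $token_arr = unpack('N', $bytes);
            // mask keeps the value non-negative on both 32- and 64-bit PHP builds
            $token = $token_arr[1] & 0x7fffffff;
        }
    }
    if ($token === null) {
        // NOTE: mt_rand() is not cryptographically secure; last-resort fallback only
        $token = mt_rand(99999, 99999999);
    }
    return $token;
}
```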