
Replace token generation with hash and uniqid with secure random numbers from random_bytes

This commit is contained in:
Hanno Böck
2021-02-01 10:57:42 +01:00
committed by onli
parent 80be37ca8d
commit 931e621549
4 changed files with 5 additions and 5 deletions


@ -530,7 +530,7 @@ function serendipity_sendMail($to, $subject, $message, $fromMail, $headers = NUL
$maildata['headers'][] = 'X-Mailer: ' . $maildata['version']; $maildata['headers'][] = 'X-Mailer: ' . $maildata['version'];
$maildata['headers'][] = 'X-Engine: PHP/'. phpversion(); $maildata['headers'][] = 'X-Engine: PHP/'. phpversion();
} }
$maildata['headers'][] = 'Message-ID: <'. md5(microtime() . uniqid(time())) .'@'. $_SERVER['HTTP_HOST'] .'>'; $maildata['headers'][] = 'Message-ID: <'. bin2hex(random_bytes(16)) .'@'. $_SERVER['HTTP_HOST'] .'>';
$maildata['headers'][] = 'MIME-Version: 1.0'; $maildata['headers'][] = 'MIME-Version: 1.0';
$maildata['headers'][] = 'Precedence: bulk'; $maildata['headers'][] = 'Precedence: bulk';
$maildata['headers'][] = 'Content-Type: text/plain; charset=' . LANG_CHARSET; $maildata['headers'][] = 'Content-Type: text/plain; charset=' . LANG_CHARSET;
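Review bot: The rewritten Message-ID line still takes the domain part from `$_SERVER['HTTP_HOST']`, which is the client-supplied Host header: it can carry a `:port` suffix that is not a valid domain in a Message-ID, and it is undefined when serendipity_sendMail runs outside a web request. Since the line is being rewritten anyway, the right-hand side could be normalised with `parse_url('http://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST)` or, better, taken from the blog's configured host rather than the request. Note also that `random_bytes()` exists only from PHP 7.0, so this call (and the same call in the other three files) raises the minimum supported PHP version if the project still ran on 5.x; that is worth a line in the requirements. serendipity_sendMail starts and ends outside the hunk.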


@ -842,7 +842,7 @@ function serendipity_insertComment($id, $commentInfo, $type = 'NORMAL', $source
$subscribe = 'false'; $subscribe = 'false';
} }
$dbhash = md5(uniqid(rand(), true)); $dbhash = bin2hex(random_bytes(16));
if ($status == 'confirm') { if ($status == 'confirm') {
$dbstatus = 'confirm' . $dbhash; $dbstatus = 'confirm' . $dbhash;
@ -1230,7 +1230,7 @@ function serendipity_generateCToken($cid) {
global $serendipity; global $serendipity;
$ctoken = md5(uniqid(rand(),1)); $ctoken = bin2hex(random_bytes(16));
//Delete any comment tokens older than 1 week. //Delete any comment tokens older than 1 week.
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}options serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}options
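Review bot: The byte counts on the rewritten lines (`random_bytes(16)` for `$dbhash` and `$ctoken` here and for `$id` in the plugin API, `random_bytes(20)` for `$hash` in serendipity_setAuthorToken) look chosen so that `bin2hex()` yields exactly the 32- and 40-character lowercase hex strings the former `md5()`/`sha1()` calls produced, which keeps stored values and any downstream length assumptions unchanged, but that intent is not recorded anywhere. A one-line comment such as `// 16 random bytes -> 32 hex chars, same width as the md5() value this replaces` next to each call would stop a later maintainer from "tidying" the constants. Both serendipity_insertComment and serendipity_generateCToken start and end outside their hunks.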


@ -502,7 +502,7 @@ function serendipity_checkAutologin($user) {
* Set a session cookie which can identify a user across http/https boundaries * Set a session cookie which can identify a user across http/https boundaries
*/ */
function serendipity_setAuthorToken() { function serendipity_setAuthorToken() {
$hash = sha1(uniqid(rand(), true)); $hash = bin2hex(random_bytes(20));
serendipity_setCookie('author_token', $hash); serendipity_setCookie('author_token', $hash);
$_SESSION['author_token'] = $hash; $_SESSION['author_token'] = $hash;
} }
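Review bot: `random_bytes()` throws when no CSPRNG source is available (`Exception` on PHP 7, `Random\RandomException` on 8.2+), so unlike the old `uniqid()` path serendipity_setAuthorToken can now abort before the cookie and session entry are written; for an authentication token failing closed is the right outcome, but nothing in the function says the exception is deliberately left uncaught. A comment above the call, e.g. `// random_bytes() throws without a CSPRNG; intentionally not caught — no token is better than a weak one`, would record that decision for whoever next touches the login path.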


@ -228,7 +228,7 @@ class serendipity_plugin_api
{ {
global $serendipity; global $serendipity;
$id = md5(uniqid('')); $id = bin2hex(random_bytes(16));
$key = $plugin_class_id . ':' . $id; $key = $plugin_class_id . ':' . $id;
$key = serendipity_db_escape_string($key); $key = serendipity_db_escape_string($key);