firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

이전 보안패치중 random_bytes 함수를 잘못 적용할 것을 다시 수정

Browse Source
This commit is contained in:
thisgun
2022-05-25 15:10:46 +09:00
parent 09ec2ac8cb
commit 62ebce3d9c
2 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/common.lib.php
View File

@ -3941,6 +3941,21 @@ function get_token_encryption_key($str=''){
return md5($token);
}
function get_random_token_string($length=6)
{
if(function_exists('random_bytes')){
return bin2hex(random_bytes($length));
}
$characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
$characters_length = strlen($characters);
$output = '';
for ($i = 0; $i < $length; $i++)
$output .= $characters[rand(0, $characters_length - 1)];
return bin2hex($output);
}
function filter_input_include_path($path){
return str_replace('//', '/', $path);
}