Fix upcoming deprecation of mt_rand on newer php versions * provide a workaround function in code/Common like is_php does * closes https://github.com/bcit-ci/CodeIgniter/issues/6275 * related to https://github.com/pocketarc/codeigniter/issues/3#issuecomment-2017024184
... | ... | @@ -74,6 +74,28 @@ if ( ! function_exists('is_php')) |
74 | 74 | }
|
75 | 75 | }
|
76 | 76 | |
77 | +if ( ! function_exists('php_rand'))
|
|
78 | +{
|
|
79 | + /**
|
|
80 | + * implements internally the rand specific function based on PHP version, used internally
|
|
81 | + *
|
|
82 | + * @param int or 0
|
|
83 | + * @param int or mt_getrandmax()
|
|
84 | + * @return int
|
|
85 | + */
|
|
86 | + function php_rand($min = NULL, $max = NULL)
|
|
87 | + {
|
|
88 | + if(!is_int($min) $min = 0;
|
|
89 | + if(!is_int($max) $max = mt_getrandmax();
|
|
90 | + |
|
91 | + if( is_php('7.1.99') ) return random_int($min, $max);
|
|
92 | + |
|
93 | + if (!function_exists('mcrypt_create_iv')) trigger_error( 'mcrypt must be loaded for random_int to work', E_USER_WARNING );
|
|
94 | + |
|
95 | + return mt_rand($min, $max);
|
|
96 | + }
|
|
97 | +}
|
|
98 | + |
|
77 | 99 | // ------------------------------------------------------------------------
|
78 | 100 | |
79 | 101 | if ( ! function_exists('is_really_writable'))
|
... | ... | @@ -102,7 +124,7 @@ if ( ! function_exists('is_really_writable')) |
102 | 124 | */
|
103 | 125 | if (is_dir($file))
|
104 | 126 | {
|
105 | - $file = rtrim($file, '/').'/'.md5(mt_rand());
|
|
127 | + $file = rtrim($file, '/').'/'.md5( is_php('8.3') ? random_int(PHP_INT_MIN, PHP_INT_MAX) : php_rand((mt_getrandmax()*-1),mt_getrandmax()));
|
|
106 | 128 | if (($fp = @fopen($file, 'ab')) === FALSE)
|
107 | 129 | {
|
108 | 130 | return FALSE;
|
... | ... | @@ -612,7 +612,7 @@ class CI_Security { |
612 | 612 | {
|
613 | 613 | $rand = $this->get_random_bytes(16);
|
614 | 614 | $this->_xss_hash = ($rand === FALSE)
|
615 | - ? md5(uniqid(mt_rand(), TRUE))
|
|
615 | + ? md5(uniqid(is_php('8.3') ? mt_rand((mt_getrandmax()*-1),mt_getrandmax()) : random_int(PHP_INT_MIN, PHP_INT_MAX), TRUE))
|
|
616 | 616 | : bin2hex($rand);
|
617 | 617 | }
|
618 | 618 | |
... | ... | @@ -1101,7 +1101,7 @@ class CI_Security { |
1101 | 1101 | |
1102 | 1102 | $rand = $this->get_random_bytes(16);
|
1103 | 1103 | $this->_csrf_hash = ($rand === FALSE)
|
1104 | - ? md5(uniqid(mt_rand(), TRUE))
|
|
1104 | + ? md5(uniqid(is_php('8.3') ? mt_rand((mt_getrandmax()*-1),mt_getrandmax()) : random_int(PHP_INT_MIN, PHP_INT_MAX), TRUE))
|
|
1105 | 1105 | : bin2hex($rand);
|
1106 | 1106 | }
|
1107 | 1107 |
... | ... | @@ -227,7 +227,7 @@ if ( ! function_exists('create_captcha')) |
227 | 227 | {
|
228 | 228 | for ($i = 0; $i < $word_length; $i++)
|
229 | 229 | {
|
230 | - $word .= $pool[mt_rand(0, $rand_max)];
|
|
230 | + $word .= $pool[php_rand()];
|
|
231 | 231 | }
|
232 | 232 | }
|
233 | 233 | elseif ( ! is_string($word))
|
... | ... | @@ -239,9 +239,10 @@ if ( ! function_exists('create_captcha')) |
239 | 239 | // Determine angle and position
|
240 | 240 | // -----------------------------------
|
241 | 241 | $length = strlen($word);
|
242 | - $angle = ($length >= 6) ? mt_rand(-($length-6), ($length-6)) : 0;
|
|
243 | - $x_axis = mt_rand(6, (360/$length)-16);
|
|
244 | - $y_axis = ($angle >= 0) ? mt_rand($img_height, $img_width) : mt_rand(6, $img_height);
|
|
242 | + $angrd = is_php('8.3') ? php_rand(-($length-6), ($length-6)) : random_int(-($length-6), ($length-6));
|
|
243 | + $angle = ($length >= 6) ? $angrd : 0;
|
|
244 | + $x_axis = php_rand(6, (360/$length)-16);
|
|
245 | + $y_axis = ($angle >= 0) ? php_rand($img_height, $img_width) : php_rand(6, $img_height);
|
|
245 | 246 | |
246 | 247 | // Create image
|
247 | 248 | // PHP.net recommends imagecreatetruecolor(), but it isn't always available
|
... | ... | @@ -296,13 +297,13 @@ if ( ! function_exists('create_captcha')) |
296 | 297 | if ($use_font === FALSE)
|
297 | 298 | {
|
298 | 299 | ($font_size > 5) && $font_size = 5;
|
299 | - $x = mt_rand(0, $img_width / ($length / 3));
|
|
300 | + $x = php_rand(0, $img_width / ($length / 3));
|
|
300 | 301 | $y = 0;
|
301 | 302 | }
|
302 | 303 | else
|
303 | 304 | {
|
304 | 305 | ($font_size > 30) && $font_size = 30;
|
305 | - $x = mt_rand(0, $img_width / ($length / 1.5));
|
|
306 | + $x = php_rand(0, $img_width / ($length / 1.5));
|
|
306 | 307 | $y = $font_size + 2;
|
307 | 308 | }
|
308 | 309 | |
... | ... | @@ -310,13 +311,13 @@ if ( ! function_exists('create_captcha')) |
310 | 311 | {
|
311 | 312 | if ($use_font === FALSE)
|
312 | 313 | {
|
313 | - $y = mt_rand(0 , $img_height / 2);
|
|
314 | + $y = php_rand(0 , $img_height / 2);
|
|
314 | 315 | imagestring($im, $font_size, $x, $y, $word[$i], $colors['text']);
|
315 | 316 | $x += ($font_size * 2);
|
316 | 317 | }
|
317 | 318 | else
|
318 | 319 | {
|
319 | - $y = mt_rand($img_height / 2, $img_height - 3);
|
|
320 | + $y = php_rand($img_height / 2, $img_height - 3);
|
|
320 | 321 | imagettftext($im, $font_size, $angle, $x, $y, $colors['text'], $font_path, $word[$i]);
|
321 | 322 | $x += $font_size;
|
322 | 323 | }
|
... | ... | @@ -110,7 +110,7 @@ if ( ! function_exists('form_open')) |
110 | 110 | }
|
111 | 111 | else
|
112 | 112 | {
|
113 | - $noise = mt_rand(-128, 127);
|
|
113 | + $noise = php_rand(-128, 127);
|
|
114 | 114 | }
|
115 | 115 | |
116 | 116 | // Prepend if $noise has a negative value, append if positive, do nothing for zero
|
... | ... | @@ -207,7 +207,7 @@ if ( ! function_exists('random_string')) |
207 | 207 | switch ($type)
|
208 | 208 | {
|
209 | 209 | case 'basic':
|
210 | - return mt_rand();
|
|
210 | + return php_rand();
|
|
211 | 211 | case 'alnum':
|
212 | 212 | case 'numeric':
|
213 | 213 | case 'nozero':
|
... | ... | @@ -230,10 +230,10 @@ if ( ! function_exists('random_string')) |
230 | 230 | return substr(str_shuffle(str_repeat($pool, ceil($len / strlen($pool)))), 0, $len);
|
231 | 231 | case 'unique': // todo: remove in 3.1+
|
232 | 232 | case 'md5':
|
233 | - return md5(uniqid(mt_rand()));
|
|
233 | + return md5(uniqid(php_rand()));
|
|
234 | 234 | case 'encrypt': // todo: remove in 3.1+
|
235 | 235 | case 'sha1':
|
236 | - return sha1(uniqid(mt_rand(), TRUE));
|
|
236 | + return sha1(uniqid(php_rand(), TRUE));
|
|
237 | 237 | }
|
238 | 238 | }
|
239 | 239 | }
|
... | ... | @@ -654,7 +654,7 @@ class CI_Upload { |
654 | 654 | {
|
655 | 655 | if ($this->encrypt_name === TRUE)
|
656 | 656 | {
|
657 | - $filename = md5(uniqid(mt_rand())).$this->file_ext;
|
|
657 | + $filename = md5(uniqid(php_rand())).$this->file_ext;
|
|
658 | 658 | }
|
659 | 659 | |
660 | 660 | if ($this->overwrite === TRUE OR ! file_exists($path.$filename))
|
—
View it on GitLab.
You're receiving this email because of your account on gitlab.com. Manage all notifications · Help
Fix upcoming deprecation of mt_rand on newer php versions * provide a workaround function in code/Common like is_php does * closes https://github.com/bcit-ci/CodeIgniter/issues/6275 * related to https://github.com/pocketarc/codeigniter/issues/3#issuecomment-2017024184
... | ... | @@ -57,6 +57,38 @@ if ( ! function_exists('is_php')) |
57 | 57 | |
58 | 58 | // ------------------------------------------------------------------------
|
59 | 59 | |
60 | +/**
|
|
61 |
+ * implements internally the rand specific function based on PHP version, used internally
|
62 | + *
|
|
63 | + * @access public
|
|
64 |
+ * @param int or 0
|
65 |
+ * @param int or mt_getrandmax()
|
66 | + * @return int
|
|
67 | + */
|
|
68 |
+if ( ! function_exists('php_rand'))
|
69 | +{
|
|
70 | + /**
|
|
71 |
+ * implements internally the rand specific function based on PHP version, used internally
|
72 | + *
|
|
73 |
+ * @param int or 0
|
74 |
+ * @param int or mt_getrandmax()
|
75 | + * @return int
|
|
76 | + */
|
|
77 |
+ function php_rand($min = NULL, $max = NULL)
|
78 | + {
|
|
79 |
+ if(!is_int($min) $min = 0;
|
80 |
+ if(!is_int($max) $max = mt_getrandmax();
|
81 | + |
|
82 |
+ if( is_php('7.1.99') ) return random_int($min, $max);
|
83 | + |
|
84 |
+ if (!function_exists('mcrypt_create_iv')) trigger_error( 'mcrypt must be loaded for random_int to work', E_USER_WARNING );
|
85 | + |
|
86 | + return mt_rand($min, $max);
|
|
87 | + }
|
|
88 | +}
|
|
89 | + |
|
90 | +// ------------------------------------------------------------------------
|
|
91 | + |
|
60 | 92 | /**
|
61 | 93 | * Tests for file writability
|
62 | 94 | *
|
... | ... | @@ -488,7 +488,7 @@ class CI_Security { |
488 | 488 | if ($this->_xss_hash == '')
|
489 | 489 | {
|
490 | 490 | mt_srand();
|
491 | - $this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
|
|
491 | + $this->_xss_hash = md5(time() + php_rand(0, 1999999999));
|
|
492 | 492 | }
|
493 | 493 | |
494 | 494 | return $this->_xss_hash;
|
... | ... | @@ -187,7 +187,7 @@ if ( ! function_exists('create_captcha')) |
187 | 187 | {
|
188 | 188 |
for ($i = 0; $i < $word_length; $i++)
|
189 | 189 | {
|
190 |
- $word .= $pool[mt_rand(0, $rand_max)];
|
190 | + $word .= $pool[php_rand(0, $rand_max)];
|
|
191 | 191 | }
|
192 | 192 | }
|
193 | 193 | elseif ( ! is_string($word))
|
... | ... | @@ -197,7 +197,7 @@ if ( ! function_exists('random_string')) |
197 | 197 | {
|
198 | 198 | switch($type)
|
199 | 199 | {
|
200 | - case 'basic' : return mt_rand();
|
|
200 | + case 'basic' : return php_rand();
|
|
201 | 201 | break;
|
202 | 202 | case 'alnum' :
|
203 | 203 | case 'numeric' :
|
... | ... | @@ -219,14 +219,14 @@ if ( ! function_exists('random_string')) |
219 | 219 | $str = '';
|
220 | 220 | for ($i=0; $i < $len; $i++)
|
221 | 221 | {
|
222 | - $str .= substr($pool, mt_rand(0, strlen($pool) -1), 1);
|
|
222 | + $str .= substr($pool, php_rand(0, strlen($pool) -1), 1);
|
|
223 | 223 | }
|
224 | 224 | return $str;
|
225 | 225 | break;
|
226 | 226 | case 'unique' :
|
227 | 227 | case 'md5' :
|
228 | 228 | |
229 | - return md5(uniqid(mt_rand()));
|
|
229 | + return md5(uniqid(php_rand()));
|
|
230 | 230 | break;
|
231 | 231 | case 'encrypt' :
|
232 | 232 | case 'sha1' :
|
... | ... | @@ -234,7 +234,7 @@ if ( ! function_exists('random_string')) |
234 | 234 | $CI =& get_instance();
|
235 | 235 | $CI->load->helper('security');
|
236 | 236 | |
237 | - return do_hash(uniqid(mt_rand(), TRUE), 'sha1');
|
|
237 | + return do_hash(uniqid(php_rand(), TRUE), 'sha1');
|
|
238 | 238 | break;
|
239 | 239 | }
|
240 | 240 | }
|
... | ... | @@ -247,7 +247,7 @@ class CI_Encrypt { |
247 | 247 | $rand = '';
|
248 | 248 | while (strlen($rand) < 32)
|
249 | 249 | {
|
250 | - $rand .= mt_rand(0, mt_getrandmax());
|
|
250 | + $rand .= php_rand(0, mt_getrandmax());
|
|
251 | 251 | }
|
252 | 252 | |
253 | 253 | $rand = $this->hash($rand);
|
... | ... | @@ -328,7 +328,7 @@ class CI_Session { |
328 | 328 | $sessid = '';
|
329 | 329 | while (strlen($sessid) < 32)
|
330 | 330 | {
|
331 | - $sessid .= mt_rand(0, mt_getrandmax());
|
|
331 | + $sessid .= php_rand(0, mt_getrandmax());
|
|
332 | 332 | }
|
333 | 333 | |
334 | 334 | // To make the session ID even more secure we'll combine it with the user's IP
|
... | ... | @@ -375,7 +375,7 @@ class CI_Session { |
375 | 375 | $new_sessid = '';
|
376 | 376 | while (strlen($new_sessid) < 32)
|
377 | 377 | {
|
378 | - $new_sessid .= mt_rand(0, mt_getrandmax());
|
|
378 | + $new_sessid .= php_rand(0, mt_getrandmax());
|
|
379 | 379 | }
|
380 | 380 | |
381 | 381 | // To make the session ID even more secure we'll combine it with the user's IP
|
... | ... | @@ -397,7 +397,7 @@ class CI_Upload { |
397 | 397 | if ($this->encrypt_name == TRUE)
|
398 | 398 | {
|
399 | 399 | mt_srand();
|
400 |
- $filename = md5(uniqid(mt_rand())).$this->file_ext;
|
400 |
+ $filename = md5(uniqid(php_rand())).$this->file_ext;
|
401 | 401 | }
|
402 | 402 | |
403 | 403 | if ( ! file_exists($path.$filename)) // if ($this->overwrite === TRUE OR ! file_exists($path.$filename)) // permite que asigne nombre nuevo no importa si esta permitido
|