Commit 69abbc7f by Paul Klimov

Fallback at `Security::generateRandomKey()` removed

parent 052ae833
...@@ -180,7 +180,7 @@ class Security extends Component ...@@ -180,7 +180,7 @@ class Security extends Component
$end = StringHelper::byteSubstr($data, -1, null); $end = StringHelper::byteSubstr($data, -1, null);
$last = ord($end); $last = ord($end);
$n = StringHelper::byteLength($data) - $last; $n = StringHelper::byteLength($data) - $last;
if (StringHelper::byteSubstr($data, $n, null) == str_repeat($end, $last)) { if (StringHelper::byteSubstr($data, $n, null) === str_repeat($end, $last)) {
return StringHelper::byteSubstr($data, 0, $n); return StringHelper::byteSubstr($data, 0, $n);
} }
...@@ -322,12 +322,8 @@ class Security extends Component ...@@ -322,12 +322,8 @@ class Security extends Component
*/ */
public function generateRandomKey($length = 32) public function generateRandomKey($length = 32)
{ {
if (function_exists('mcrypt_create_iv')) {
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
} }
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.';
return substr(str_shuffle(str_repeat($chars, 5)), 0, $length);
}
/** /**
* Opens the mcrypt module. * Opens the mcrypt module.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment