increase randomness of shared url keys a bit
This commit is contained in:
parent
07083d9caa
commit
4c63934bac
4 changed files with 6 additions and 6 deletions
|
@ -1891,7 +1891,7 @@ class Pref_Feeds extends Handler_Protected {
|
||||||
AND owner_uid = " . $owner_uid);
|
AND owner_uid = " . $owner_uid);
|
||||||
|
|
||||||
if ($this->dbh->num_rows($result) == 1) {
|
if ($this->dbh->num_rows($result) == 1) {
|
||||||
$key = $this->dbh->escape_string(uniqid());
|
$key = $this->dbh->escape_string(uniqid(base_convert(rand(), 10, 36)));
|
||||||
|
|
||||||
$this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key'
|
$this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key'
|
||||||
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
|
WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat
|
||||||
|
|
|
@ -3753,7 +3753,7 @@
|
||||||
if (db_num_rows($result) == 1) {
|
if (db_num_rows($result) == 1) {
|
||||||
return db_fetch_result($result, 0, "access_key");
|
return db_fetch_result($result, 0, "access_key");
|
||||||
} else {
|
} else {
|
||||||
$key = db_escape_string(uniqid());
|
$key = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
|
||||||
|
|
||||||
$result = db_query("INSERT INTO ttrss_access_keys
|
$result = db_query("INSERT INTO ttrss_access_keys
|
||||||
(access_key, feed_id, is_cat, owner_uid)
|
(access_key, feed_id, is_cat, owner_uid)
|
||||||
|
|
|
@ -407,7 +407,7 @@ class Instances extends Plugin implements IHandler {
|
||||||
|
|
||||||
print "<hr/>";
|
print "<hr/>";
|
||||||
|
|
||||||
$access_key = uniqid();
|
$access_key = uniqid(rand(), true);
|
||||||
|
|
||||||
/* Access key */
|
/* Access key */
|
||||||
|
|
||||||
|
@ -439,7 +439,7 @@ class Instances extends Plugin implements IHandler {
|
||||||
}
|
}
|
||||||
|
|
||||||
function genHash() {
|
function genHash() {
|
||||||
$hash = uniqid();
|
$hash = uniqid(base_convert(rand(), 10, 36));
|
||||||
|
|
||||||
print json_encode(array("hash" => $hash));
|
print json_encode(array("hash" => $hash));
|
||||||
}
|
}
|
||||||
|
|
|
@ -60,7 +60,7 @@ class Share extends Plugin {
|
||||||
function newkey() {
|
function newkey() {
|
||||||
$id = db_escape_string($_REQUEST['id']);
|
$id = db_escape_string($_REQUEST['id']);
|
||||||
|
|
||||||
$uuid = db_escape_string(uniqid());
|
$uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
|
||||||
|
|
||||||
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id'
|
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id'
|
||||||
AND owner_uid = " . $_SESSION['uid']);
|
AND owner_uid = " . $_SESSION['uid']);
|
||||||
|
@ -91,7 +91,7 @@ class Share extends Plugin {
|
||||||
$ref_id = db_fetch_result($result, 0, "ref_id");
|
$ref_id = db_fetch_result($result, 0, "ref_id");
|
||||||
|
|
||||||
if (!$uuid) {
|
if (!$uuid) {
|
||||||
$uuid = db_escape_string(uniqid());
|
$uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
|
||||||
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param'
|
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param'
|
||||||
AND owner_uid = " . $_SESSION['uid']);
|
AND owner_uid = " . $_SESSION['uid']);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue