- session id is now generated from truly random value, previous used mysql UUID() had weak randomness
- added session id brute force prevention to old template engine (as used in new template engine) - forced login->verify() in old template engine - removed unused login/logout related codes from old template engine - uuid of new database records is now generated in before insert trigger
This commit is contained in:
ocoliver
@@ -69,20 +69,6 @@
|
||||
$module, $eventid, $userid, $objectid1, $objectid2, $logtext, serialize($details));
|
||||
}
|
||||
|
||||
//create a "universal unique" replication "identifier"
|
||||
function create_uuid()
|
||||
{
|
||||
$uuid = mb_strtoupper(md5(uniqid(rand(), true)));
|
||||
|
||||
//split into XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX (type VARCHAR 36, case insensitiv)
|
||||
$uuid = mb_substr($uuid, 0, 8) . '-' . mb_substr($uuid, -24);
|
||||
$uuid = mb_substr($uuid, 0, 13) . '-' . mb_substr($uuid, -20);
|
||||
$uuid = mb_substr($uuid, 0, 18) . '-' . mb_substr($uuid, -16);
|
||||
$uuid = mb_substr($uuid, 0, 23) . '-' . mb_substr($uuid, -12);
|
||||
|
||||
return $uuid;
|
||||
}
|
||||
|
||||
// set a unique waypoint to this cache
|
||||
function setCacheWaypoint($cacheid)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user