diff --git a/classes/Consumer.php b/classes/Consumer.php index 01bde457e5..b1ff6d9e1a 100644 --- a/classes/Consumer.php +++ b/classes/Consumer.php @@ -38,7 +38,7 @@ class Consumer extends Managed_DataObject static function generateNew() { $cons = new Consumer(); - $rand = common_good_rand(16); + $rand = common_random_hexstr(16); $cons->seed = $rand; $cons->consumer_key = md5(time() + $rand); diff --git a/classes/Login_token.php b/classes/Login_token.php index 599f21475a..5c463d55c6 100644 --- a/classes/Login_token.php +++ b/classes/Login_token.php @@ -66,7 +66,7 @@ class Login_token extends Managed_DataObject $login_token = new Login_token(); $login_token->user_id = $user->id; - $login_token->token = common_good_rand(16); + $login_token->token = common_random_hexstr(16); $login_token->created = common_sql_now(); $result = $login_token->insert(); diff --git a/lib/apignusocialoauthdatastore.php b/lib/apignusocialoauthdatastore.php index d3eec55c9e..7550ec5f6f 100644 --- a/lib/apignusocialoauthdatastore.php +++ b/lib/apignusocialoauthdatastore.php @@ -264,8 +264,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore $at = new Token(); $at->consumer_key = $consumer->key; - $at->tok = common_good_rand(16); - $at->secret = common_good_rand(16); + $at->tok = common_random_hexstr(16); + $at->secret = common_random_hexstr(16); $at->type = 1; // access $at->verifier = $verifier; $at->verified_callback = $rt->verified_callback; // 1.0a @@ -392,8 +392,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore { $t = new Token(); $t->consumer_key = $consumer->key; - $t->tok = common_good_rand(16); - $t->secret = common_good_rand(16); + $t->tok = common_random_hexstr(16); + $t->secret = common_random_hexstr(16); $t->type = 0; // request $t->state = 0; // unauthorized $t->verified_callback = $callback; @@ -402,7 +402,7 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore // six digit pin $t->verifier = mt_rand(0, 9999999); } else { - $t->verifier = common_good_rand(8); + $t->verifier = common_random_hexstr(8); } $t->created = common_sql_now(); diff --git a/lib/util.php b/lib/util.php index c7bdcafdd5..842889ec5b 100644 --- a/lib/util.php +++ b/lib/util.php @@ -374,7 +374,7 @@ function common_rememberme($user=null) $rm = new Remember_me(); - $rm->code = common_good_rand(16); + $rm->code = common_random_hexstr(16); $rm->user_id = $user->id; // Wrap the insert in some good ol' fashioned transaction code @@ -1549,15 +1549,7 @@ function common_root_url($ssl=false) /** * returns $bytes bytes of random data as a hexadecimal string - * "good" here is a goal and not a guarantee - * - * TODO: Find and replace all calls to this with common_random_hexstr */ -function common_good_rand($bytes) -{ - return common_random_hexstr($bytes); -} - function common_random_hexstr($bytes) { $str = @file_exists('/dev/urandom') @@ -1975,7 +1967,7 @@ function common_confirmation_code($bits) $code = ''; for ($i = 0; $i < $chars; $i++) { // XXX: convert to string and back - $num = hexdec(common_good_rand(1)); + $num = hexdec(common_random_hexstr(1)); // XXX: randomness is too precious to throw away almost // 40% of the bits we get! $code .= $codechars[$num%32]; @@ -2107,7 +2099,7 @@ function common_session_token() { common_ensure_session(); if (!array_key_exists('token', $_SESSION)) { - $_SESSION['token'] = common_good_rand(64); + $_SESSION['token'] = common_random_hexstr(64); } return $_SESSION['token']; } diff --git a/lib/uuid.php b/lib/uuid.php index 386d0e2121..233efbfb2f 100644 --- a/lib/uuid.php +++ b/lib/uuid.php @@ -93,18 +93,18 @@ class UUID { return sprintf('%s-%s-%04x-%04x-%s', // 32 bits for "time_low" - common_good_rand(4), + common_random_hexstr(4), // 16 bits for "time_mid" - common_good_rand(2), + common_random_hexstr(2), // 16 bits for "time_hi_and_version", // four most significant bits holds version number 4 - (hexdec(common_good_rand(2)) & 0x0fff) | 0x4000, + (hexdec(common_random_hexstr(2)) & 0x0fff) | 0x4000, // 16 bits, 8 bits for "clk_seq_hi_res", // 8 bits for "clk_seq_low", // two most significant bits holds zero and one // for variant DCE1.1 - (hexdec(common_good_rand(2)) & 0x3fff) | 0x8000, + (hexdec(common_random_hexstr(2)) & 0x3fff) | 0x8000, // 48 bits for "node" - common_good_rand(6)); + common_random_hexstr(6)); } } diff --git a/plugins/AnonymousFave/AnonymousFavePlugin.php b/plugins/AnonymousFave/AnonymousFavePlugin.php index 67fe851d0f..8e31468d55 100644 --- a/plugins/AnonymousFave/AnonymousFavePlugin.php +++ b/plugins/AnonymousFave/AnonymousFavePlugin.php @@ -187,7 +187,7 @@ class AnonymousFavePlugin extends Plugin list($proxy, $ip) = common_client_ip(); // IP + time + random number should help to avoid collisions - $baseNickname = $ip . '-' . time() . '-' . common_good_rand(5); + $baseNickname = $ip . '-' . time() . '-' . common_random_hexstr(5); $profile = new Profile(); $profile->nickname = $baseNickname; diff --git a/plugins/CasAuthentication/actions/caslogin.php b/plugins/CasAuthentication/actions/caslogin.php index 0e16427184..9d0fcb0507 100644 --- a/plugins/CasAuthentication/actions/caslogin.php +++ b/plugins/CasAuthentication/actions/caslogin.php @@ -34,7 +34,7 @@ class CasloginAction extends Action phpCAS::handleLogoutRequests(); phpCAS::forceAuthentication(); global $casTempPassword; - $casTempPassword = common_good_rand(16); + $casTempPassword = common_random_hexstr(16); $user = common_check_user(phpCAS::getUser(), $casTempPassword); if (!$user) { // TRANS: Server error displayed when trying to log in with incorrect username or password. diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 483460baad..66ac174ef2 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php @@ -436,7 +436,7 @@ class FacebookfinishloginAction extends Action if ($response->isOk()) { // seems to always be jpeg, but not sure - $tmpname = "facebook-avatar-tmp-" . common_good_rand(4); + $tmpname = "facebook-avatar-tmp-" . common_random_hexstr(4); $ok = file_put_contents( Avatar::path($tmpname), diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index 76df45369c..8da4ba4d53 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -114,7 +114,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } $registration_data['nickname'] = $nickname; //set the database saved password to a random string. - $registration_data['password']=common_good_rand(16); + $registration_data['password']=common_random_hexstr(16); return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him diff --git a/plugins/OMB/lib/omboauthdatastore.php b/plugins/OMB/lib/omboauthdatastore.php index 4c9ae69556..13bd793ecc 100644 --- a/plugins/OMB/lib/omboauthdatastore.php +++ b/plugins/OMB/lib/omboauthdatastore.php @@ -31,7 +31,7 @@ class OMBOAuthDataStore extends OAuthDataStore if (!$con) { $con = new Consumer(); $con->consumer_key = $consumer_key; - $con->seed = common_good_rand(16); + $con->seed = common_random_hexstr(16); $con->created = common_sql_now(); if (!$con->insert()) { return null; @@ -78,8 +78,8 @@ class OMBOAuthDataStore extends OAuthDataStore { $t = new Token(); $t->consumer_key = $consumer->key; - $t->tok = common_good_rand(16); - $t->secret = common_good_rand(16); + $t->tok = common_random_hexstr(16); + $t->secret = common_random_hexstr(16); $t->type = 0; // request $t->state = 0; // unauthorized $t->created = common_sql_now(); @@ -107,8 +107,8 @@ class OMBOAuthDataStore extends OAuthDataStore common_debug('request token found.', __FILE__); $at = new Token(); $at->consumer_key = $consumer->key; - $at->tok = common_good_rand(16); - $at->secret = common_good_rand(16); + $at->tok = common_random_hexstr(16); + $at->secret = common_random_hexstr(16); $at->type = 1; // access $at->created = common_sql_now(); if (!$at->insert()) { diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 096baff202..a75f8fa2fb 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -251,9 +251,9 @@ class FeedSub extends Managed_DataObject protected function doSubscribe($mode) { $orig = clone($this); - $this->verify_token = common_good_rand(16); + $this->verify_token = common_random_hexstr(16); if ($mode == 'subscribe') { - $this->secret = common_good_rand(32); + $this->secret = common_random_hexstr(32); } $this->sub_state = $mode; $this->update($orig); diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index 7996da3930..c0c4f142e4 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -132,7 +132,7 @@ class HubSub extends Managed_DataObject { assert($mode == 'subscribe' || $mode == 'unsubscribe'); - $challenge = common_good_rand(32); + $challenge = common_random_hexstr(32); $params = array('hub.mode' => $mode, 'hub.topic' => $this->topic, 'hub.challenge' => $challenge); diff --git a/plugins/Realtime/classes/Realtime_channel.php b/plugins/Realtime/classes/Realtime_channel.php index ffd7d34f84..5d6f0ff99a 100644 --- a/plugins/Realtime/classes/Realtime_channel.php +++ b/plugins/Realtime/classes/Realtime_channel.php @@ -121,7 +121,7 @@ class Realtime_channel extends Managed_DataObject $channel->arg2 = $arg2; $channel->audience = 1; - $channel->channel_key = common_good_rand(16); // 128-bit key, 32 hex chars + $channel->channel_key = common_random_hexstr(16); // 128-bit key, 32 hex chars $channel->created = common_sql_now(); $channel->modified = $channel->created; diff --git a/tests/ActivityGenerationTests.php b/tests/ActivityGenerationTests.php index af6535e734..30e400e77b 100644 --- a/tests/ActivityGenerationTests.php +++ b/tests/ActivityGenerationTests.php @@ -28,14 +28,14 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { parent::__construct(); - $authorNick1 = 'activitygenerationtestsuser' . common_good_rand(4); - $authorNick2 = 'activitygenerationtestsuser' . common_good_rand(4); + $authorNick1 = 'activitygenerationtestsuser' . common_random_hexstr(4); + $authorNick2 = 'activitygenerationtestsuser' . common_random_hexstr(4); - $targetNick1 = 'activitygenerationteststarget' . common_good_rand(4); - $targetNick2 = 'activitygenerationteststarget' . common_good_rand(4); + $targetNick1 = 'activitygenerationteststarget' . common_random_hexstr(4); + $targetNick2 = 'activitygenerationteststarget' . common_random_hexstr(4); - $groupNick1 = 'activitygenerationtestsgroup' . common_good_rand(4); - $groupNick2 = 'activitygenerationtestsgroup' . common_good_rand(4); + $groupNick1 = 'activitygenerationtestsgroup' . common_random_hexstr(4); + $groupNick2 = 'activitygenerationtestsgroup' . common_random_hexstr(4); $this->author1 = User::register(array('nickname' => $authorNick1, 'email' => $authorNick1 . '@example.net', @@ -236,7 +236,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $orig = $this->_fakeNotice($this->targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); + $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); @@ -255,7 +255,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $orig = $this->_fakeNotice($this->targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); + $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); @@ -271,11 +271,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $orig = $this->_fakeNotice($this->targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); + $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); $reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); - $text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_good_rand(4); + $text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_random_hexstr(4); $reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id)); @@ -312,7 +312,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testGroupPostAttention() { - $text = "!" . $this->targetGroup1->nickname . " reply text " . common_good_rand(4); + $text = "!" . $this->targetGroup1->nickname . " reply text " . common_random_hexstr(4); $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); @@ -326,7 +326,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testMultipleGroupPostAttention() { - $text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_good_rand(4); + $text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_random_hexstr(4); $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); @@ -379,7 +379,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testTag() { - $tag1 = common_good_rand(4); + $tag1 = common_random_hexstr(4); $notice = $this->_fakeNotice($this->author1, '#' . $tag1); @@ -395,8 +395,8 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testMultiTag() { - $tag1 = common_good_rand(4); - $tag2 = common_good_rand(4); + $tag1 = common_random_hexstr(4); + $tag2 = common_random_hexstr(4); $notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2); @@ -422,7 +422,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testGeotaggedActivity() { - $notice = Notice::saveNew($this->author1->id, common_good_rand(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6)); + $notice = Notice::saveNew($this->author1->id, common_random_hexstr(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6)); $entry = $notice->asAtomEntry(); @@ -518,7 +518,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $orig = $this->_fakeNotice($this->targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4); + $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); @@ -565,7 +565,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase } if (empty($text)) { - $text = "fake-o text-o " . common_good_rand(32); + $text = "fake-o text-o " . common_random_hexstr(32); } return Notice::saveNew($user->id, $text, 'test', array('uri' => null));