Permalink
Browse files

Rework of the seed generation.

* When the user didn't change the default SEED constants, the error message suggest a new seed.
* Create a function "randomString($size)" with the code which generate the key of new rooms.
  • Loading branch information...
olivierperez committed Feb 28, 2015
1 parent 7024689 commit e92f749fe888d6eae0b9912a8e3a6b63632b59aa
Showing with 25 additions and 24 deletions.
  1. +0 −1 inc/classes.php
  2. +0 −1 inc/conf.php
  3. +0 −1 inc/dbmanager.php
  4. +16 −7 inc/functions.php
  5. +1 −2 inc/init.php
  6. +6 −3 index.php
  7. +2 −9 newroom.php
View
@@ -17,4 +17,3 @@ class ChatMessage {
public $userId;
public $date;
}
?>
View
@@ -26,4 +26,3 @@
525960 => '1 year',
0 => 'Unlimited'
);
?>
View
@@ -261,4 +261,3 @@ function GetNbMessages() {
}
}
}
?>
View
@@ -1,9 +1,18 @@
<?php
function getHashForIp() {
return substr(md5($_SERVER['REMOTE_ADDR'] . SEED), 0, 16);
}
function logException($e) {
file_put_contents(LOGS_FILE_NAME, date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']) . ' -> ' . $e->getMessage() . PHP_EOL . $e->getTraceAsString() . PHP_EOL . PHP_EOL . PHP_EOL, FILE_APPEND);
function getHashForIp() {
return substr(md5($_SERVER['REMOTE_ADDR'] . SEED), 0, 16);
}
function logException($e) {
file_put_contents(LOGS_FILE_NAME, date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']) . ' -> ' . $e->getMessage() . PHP_EOL . $e->getTraceAsString() . PHP_EOL . PHP_EOL . PHP_EOL, FILE_APPEND);
}
function randomString($size) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$random = '';
for ($i = 0; $i < $size; $i++) {
$random .= $characters[rand(0, strlen($characters) - 1)];
}
?>
return $random;
}
View
@@ -1,3 +1,2 @@
<?php
date_default_timezone_set('UTC');
?>
date_default_timezone_set('UTC');
View
@@ -1,4 +1,7 @@
<!DOCTYPE html>
<?php
require 'inc/conf.php';
require 'inc/functions.php';
?><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
@@ -10,7 +13,6 @@
</head>
<body>
<?php
require 'inc/conf.php';
$showContent = true;
if(!is_writable(DB_FILE_NAME)) {
$showContent = false;
@@ -68,7 +70,8 @@
<h2>Error: the seed was not modified</h2>
<p>
The seed that is used to do a better hashing for users is still 'f-rjng24!1r5TRHHgnjrt'<br />
Please modify its value in 'inc/constants.php'.
Please modify its value in 'inc/conf.php'.<br />
You could may be use '<?php echo randomString(20); ?>', or another.
</p>
<?php
}
View
@@ -21,16 +21,10 @@
$userHash = getHashForIp();
// we generate a random key
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$key = '';
for ($i = 0; $i < 20; $i++) {
$key .= $characters[rand(0, strlen($characters) - 1)];
}
// we add the seed, hash the whole key and only take the 20 first characters
$key = substr(md5($key . SEED), 0, 20);
$key = randomString(20);
// we create the chat room object
$chatRoom = new ChatRoom;
$chatRoom = new ChatRoom();
$chatRoom->id = $key;
$chatRoom->dateCreation = $time;
$chatRoom->dateLastNewMessage = $time;
@@ -53,4 +47,3 @@
$dbManager->CreateChatroom($chatRoom);
header('Location: chatroom.php?id=' . $key);
?>

0 comments on commit e92f749

Please sign in to comment.