Permalink
Browse files

Fix how the token secret is generated

  • Loading branch information...
chirags committed Aug 1, 2009
1 parent fbaae9b commit a705e358ed4a534657ab46abcf1ffd317a8bf7a2
Showing with 2 additions and 2 deletions.
  1. +2 −2 lib/OAuth.php
View
@@ -740,8 +740,8 @@ function lookup_nonce($consumer, $token, $nonce, $timestamp) {
function new_token($consumer, $type="request") {
$key = md5(time());
- $secret = time() + time();
- $token = new OAuthToken($key, md5(md5($secret)));
+ $secret = mt_rand();
+ $token = new OAuthToken($key, md5($secret));
if (!dba_insert("${type}_$key", serialize($token), $this->dbh)) {
trigger_error("doooom!", E_USER_WARNING);
return NULL;

0 comments on commit a705e35

Please sign in to comment.