Skip to content
This repository
Browse code

Ensure = is removed from generated salt values.

  • Loading branch information...
commit 24b68ec1db681fb371279c2a6313a9621f4832db 1 parent 064fef1
Mark Story authored August 24, 2012

Showing 1 changed file with 6 additions and 1 deletion. Show diff stats Hide diff stats

  1. 7  lib/Cake/Utility/Security.php
7  lib/Cake/Utility/Security.php
@@ -222,7 +222,12 @@ public static function rijndael($text, $key, $operation) {
222 222
  * @return string The generated salt
223 223
  */
224 224
 	public static function salt($length = 22) {
225  
-		return substr(str_replace('+', '.', base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))), 0, $length);
  225
+		$salt = str_replace(
  226
+			array('+', '='),
  227
+			'.',
  228
+			base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))
  229
+		);
  230
+		return substr($salt, 0, $length);
226 231
 	}
227 232
 
228 233
 /**

0 notes on commit 24b68ec

Please sign in to comment.
Something went wrong with that request. Please try again.