Skip to content
Permalink
Browse files

Ensure = is removed from generated salt values.

  • Loading branch information...
markstory committed Aug 24, 2012
1 parent 064fef1 commit 24b68ec1db681fb371279c2a6313a9621f4832db
Showing with 6 additions and 1 deletion.
  1. +6 −1 lib/Cake/Utility/Security.php
@@ -222,7 +222,12 @@ public static function rijndael($text, $key, $operation) {
* @return string The generated salt
*/
public static function salt($length = 22) {
return substr(str_replace('+', '.', base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))), 0, $length);
$salt = str_replace(
array('+', '='),
'.',
base64_encode(sha1(uniqid(Configure::read('Security.salt'), true), true))
);
return substr($salt, 0, $length);
}
/**

0 comments on commit 24b68ec

Please sign in to comment.
You can’t perform that action at this time.