Permalink
Browse files

Docblocks fixes and other minor adjustements made.

  • Loading branch information...
1 parent 4cd2d38 commit fbbe9ed72fdd0634cab4d3f12faaef17ac914a60 @resurtm resurtm committed Jul 5, 2013
Showing with 13 additions and 10 deletions.
  1. +1 −1 CHANGELOG
  2. +1 −1 UPGRADE
  3. +10 −7 framework/base/CSecurityManager.php
  4. +1 −1 framework/utils/CPasswordHelper.php
View
@@ -111,7 +111,7 @@ Version 1.1.14 work in progress
- Enh #1977: CFormatter::normalizeDateValue() now is protected instead of private to enable child classes to override it (etienneq)
- Enh #2003: Gii now allows namespaced base classes to be defined in generators (etienneq)
- Enh #2038: CFormatter::formatNtext() method can replace newlines with `<p></p>` not just with `<br />` as it was before (resurtm)
-- Enh #2053: CPasswordHelper has been refactored, CSecurityManager has been enhanced and now able to generate cryptographically strong random stuff (resurtm, tom--, ekerazha, samdark)
+- Enh #2053: CPasswordHelper has been refactored, CSecurityManager has been enhanced and is now able to generate cryptographically strong random bytes and strings (resurtm, tom--, ekerazha, samdark)
- Enh #2062: CWsdlGenerator now supports soap indicators (sequence, choice), injecting of custom WSDL string block and generation of human-friendly documentation for complex types. Added unit test. (lubosdz)
- Enh #2090: Allow passing array of columns to CDbSchema::addPrimaryKey() (paystey)
- Enh #2096: CAPTCHA: non-free Duality.ttf font replaced by open/free SpicyRice.ttf (licensed under SIL OFL v1.1) (resurtm)
View
@@ -70,7 +70,7 @@ Upgrading from v1.1.13
from both these to `CActiveRelation`.
- CSecurityManager::generateRandomKey() has been deprecated in favor of CSecurityManager::generateRandomString().
- Try not to use anymore and avoid CSecurityManager::generateRandomKey() method in your code.
+ Try not to use it anymore and avoid CSecurityManager::generateRandomKey() method in your code.
Upgrading from v1.1.12
----------------------
@@ -81,7 +81,7 @@ public function init()
/**
* @return string a randomly generated private key.
- * @deprecated in favor of {@link generateRandomString()}. Never use this method.
+ * @deprecated in favor of {@link generateRandomString()} since 1.1.14. Never use this method.
*/
protected function generateRandomKey()
{
@@ -330,9 +330,10 @@ public function computeHMAC($data,$key=null,$hashAlgorithm=null)
/**
* Generate a random ASCII string. Generates only [0-9a-zA-z~.] characters which are all
* transparent in raw URL encoding.
- * @param integer $length of the string in characters to be generated.
+ * @param integer $length length of the generated string in characters.
* @param boolean $cryptographicallyStrong set this to require cryptographically strong randomness.
- * @return string|boolean generated random string. Returns false in case string cannot be generated
+ * @return string|boolean random string or false in case it cannot be generated.
+ * @since 1.1.14
*/
public function generateRandomString($length,$cryptographicallyStrong=true)
{
@@ -345,8 +346,9 @@ public function generateRandomString($length,$cryptographicallyStrong=true)
* Generates a string of random bytes.
* @param integer $length number of random bytes to be generated.
* @param boolean $cryptographicallyStrong whether generated string should be cryptographically strong.
- * True parameter value may cause very slow random generation.
- * @return boolean|string generated random binary string. Returns false on failure.
+ * Note that setting this parameter to true makes generation very slow.
+ * @return boolean|string generated random binary string or false on failure.
+ * @since 1.1.14
*/
public function generateRandomBytes($length,$cryptographicallyStrong=true)
{
@@ -405,8 +407,9 @@ public function generateRandomBytes($length,$cryptographicallyStrong=true)
/**
* Generate a pseudo random block of data using several sources. This is the better alternative
- * to {@link mt_rand} function which is not really random at all.
+ * to {@link mt_rand} function which is not really random.
* @return string of 64 pseudo random bytes.
+ * @since 1.1.14
*/
public function generatePseudoRandomBlock()
{
@@ -435,7 +438,7 @@ public function generatePseudoRandomBlock()
/**
* Get random bytes from the system entropy source via PHP session manager.
* @return boolean|string 20-byte random binary string or false on error.
- * Returns false in case it cannot be retrieved.
+ * @since 1.1.14
*/
public function generateSessionRandomBlock()
{
@@ -114,7 +114,7 @@ public static function verifyPassword($password, $hash)
throw new CException(Yii::t('yii','Cannot hash a password that is empty or not a string.'));
if (!$password || !preg_match('{^\$2[axy]\$(\d\d)\$[\./0-9A-Za-z]{22}}',$hash,$matches) ||
- $matches[1] < 4 || $matches[1] > 31)
+ $matches[1]<4 || $matches[1]>31)
return false;
$test=crypt($password,$hash);

0 comments on commit fbbe9ed

Please sign in to comment.