php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-07 00:18:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

added back fallback mechanism for generating salt.

Browse Source
This commit is contained in:
Qiang Xue
2014-02-13 14:04:15 -05:00
parent 564048a12d
commit 20aff5330c
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
framework/helpers/BaseSecurity.php
View File

@ -335,8 +335,16 @@ class BaseSecurity
throw new InvalidParamException('Cost must be between 4 and 31.'); throw new InvalidParamException('Cost must be between 4 and 31.');
} }
// Get 20 * 8bits of pseudo-random entropy from mt_rand(). // Get 20 * 8bits of random entropy
if (function_exists('openssl_random_pseudo_bytes')) {
// https://github.com/yiisoft/yii2/pull/2422
$rand = openssl_random_pseudo_bytes(20); $rand = openssl_random_pseudo_bytes(20);
} else {
$rand = '';
for ($i = 0; $i < 20; ++$i) {
$rand .= chr(mt_rand(0, 255));
}
}
// Add the microtime for a little more entropy. // Add the microtime for a little more entropy.
$rand .= microtime(true); $rand .= microtime(true);