<?php
-// (c) Konrad Rosenbaum, 2007-2011
+// (c) Konrad Rosenbaum, 2007-2016
// protected under the GNU AGPL version 3 or at your option any newer
// see COPYING.AGPL
$RANDSEED.=microtime().uniqid("",true);
//attempt to use OpenSSL
if (function_exists('openssl_random_pseudo_bytes')) {
- $RANDSEED .= openssl_random_pseudo_bytes(64, $strong);
+ $RANDSEED .= bin2hex(openssl_random_pseudo_bytes(64, $strong));
// if it was strong, be happy and leave (it probably already used /dev/random)
if($strong === true) {
return;
$RANDCTR++;
}
//return
- return substr($ret,0,$bits);
+ $ret=substr($ret,0,$bits);
+ return $ret;
}
/**return a salt value for Customer::setPassword */
$ret="";
for($i=0;$i<$length;$i++){
//cut random
- $r="0x".substr($rnd,$i*2,2);
- $r=($r+0)&31;
+ $r=hexdec(substr($rnd,$i*2,2)) & 31;
//if this is the first char, further manipulate it;
//this is relied upon by the ticket/voucher/item code to minimize
//search for existing keys