X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fgen_sql_patches.php;h=f4251010df6d9bfe929759eb0c09f4d4acff4dc2;hp=8fd4b43047bacaad899070e04138e004578b25f6;hb=a806525af1afcb19808ad45337c76f8e9a8c9712;hpb=7ff28f7292939ad1a61b9b7a4e3398ff6310a3d0 diff --git a/inc/gen_sql_patches.php b/inc/gen_sql_patches.php index 8fd4b43047..f4251010df 100644 --- a/inc/gen_sql_patches.php +++ b/inc/gen_sql_patches.php @@ -47,31 +47,31 @@ if (empty($_CONFIG['pass_scramble'])) { // ... and store it there for future usage $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET pass_scramble='%s' WHERE config=0 LIMIT 1", - array($scrambleString), __FILE__, __LINE__); + array($scrambleString), __FILE__, __LINE__); // Also remember it in config $_CONFIG['pass_scramble'] = $scrambleString; unset($scrambleString); -} +} // END - if // Check if there is no master salt string if (empty($_CONFIG['master_salt'])) { // Generate the master salt which is the first chars minus 40 chars of this random hash // We do an extra scrambling here... - $masterSalt = scrambleString(substr(generateHash(GEN_PASS(rand(128, 256))), 0, -40)); + $masterSalt = scrambleString(substr(generateHash(GEN_PASS(mt_rand(128, 256))), 0, -40)); // ... and store it there for future usage $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET master_salt='%s' WHERE config=0 LIMIT 1", - array($masterSalt), __FILE__, __LINE__); + array($masterSalt), __FILE__, __LINE__); // Also remember it in config $_CONFIG['master_salt'] = $masterSalt; unset($masterSalt); -} +} // END - if if (empty($_CONFIG['file_hash'])) { // Create filename from hashed random string - $file_hash = generateHash(GEN_PASS(rand(128, 256))); + $file_hash = generateHash(sha1(GEN_PASS(mt_rand(128, 256)))); $file = PATH."inc/.secret/.".$file_hash; // File hash was never created @@ -79,9 +79,9 @@ if (empty($_CONFIG['file_hash'])) { if ($fp != false) { // Could write to secret file! So let's generate the secret key... // 1. Count of chars to be taken from back of the string - $nums = rand(40, 45); + $nums = mt_rand(40, 45); // 2. Generate secret key from a randomized string - $secretKey = substr(generateHash(GEN_PASS(rand(128, 256))), -$nums); + $secretKey = substr(generateHash(GEN_PASS(mt_rand(128, 256))), -$nums); // 3. Write the key to the file fwrite($fp, $secretKey); // 4. Close file @@ -97,7 +97,7 @@ if (empty($_CONFIG['file_hash'])) { // Write $file_hash to database $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET file_hash='%s' WHERE config=0 LIMIT 1", - array($file_hash), __FILE__, __LINE__); + array($file_hash), __FILE__, __LINE__); // Also create .htaccess file $fp = @fopen(PATH."inc/.secret/.htaccess", 'w') or mxchange_die("Cannot write to .htaccess file!"); @@ -107,17 +107,13 @@ if (empty($_CONFIG['file_hash'])) { // Close the file fclose($fp); - } + } // END - if // Also update configuration $_CONFIG['secret_key'] = $secretKey; unset($secretKey); $_CONFIG['file_hash'] = $file_hash; unset($file_hash); - - // Don't miss the admin hash here... - $passHash = generatePassString(get_session('admin_md5')); - set_session('admin_md5', $passHash); - } -} + } // END - if +} // END - if // ?> \ No newline at end of file