summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBharat Mediratta <bharat@menalto.com>2010-12-15 14:57:00 -0800
committerBharat Mediratta <bharat@menalto.com>2010-12-15 14:57:00 -0800
commitcd48b89f3166e7fa732b5cb06d33fba018af9127 (patch)
tree9ad981df0d736dc186463aac4676fdba2bc232b8
parent45c63f4d118bfc99924edb8685442035349af6db (diff)
Consolidate all the random code into a random helper that offers:
random::hash() random::string() random::percent() random::int() So that we don't have lots of different ways to get random values all over the code. Follow-on to #1527.
Diffstat
-rw-r--r--modules/digibug/controllers/digibug.php2
-rw-r--r--modules/digibug/tests/Digibug_Controller_Test.php2
-rw-r--r--modules/gallery/controllers/upgrader.php2
-rw-r--r--modules/gallery/helpers/access.php2
-rw-r--r--modules/gallery/helpers/block_manager.php2
-rw-r--r--modules/gallery/helpers/gallery_installer.php4
-rw-r--r--modules/gallery/helpers/item.php2
-rw-r--r--modules/gallery/helpers/random.php50
-rw-r--r--modules/gallery/models/item.php6
-rw-r--r--modules/gallery/tests/Albums_Controller_Test.php2
-rw-r--r--modules/gallery/tests/Cache_Test.php30
-rw-r--r--modules/gallery/tests/Item_Helper_Test.php2
-rw-r--r--modules/gallery/tests/Item_Model_Test.php14
-rw-r--r--modules/gallery_unit_test/helpers/test.php12
-rw-r--r--modules/rest/helpers/rest.php2
-rw-r--r--modules/rest/helpers/rest_event.php6
-rw-r--r--modules/user/controllers/password.php2
17 files changed, 96 insertions, 46 deletions
diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php
index a9e49de7..bc0c7c5e 100644
--- a/modules/digibug/controllers/digibug.php
+++ b/modules/digibug/controllers/digibug.php
@@ -28,7 +28,7 @@ class Digibug_Controller extends Controller {
$thumb_url = $item->thumb_url(true);
} else {
$proxy = ORM::factory("digibug_proxy");
- $proxy->uuid = md5(mt_rand());
+ $proxy->uuid = random::hash();
$proxy->item_id = $item->id;
$proxy->save();
$full_url = url::abs_site("digibug/print_proxy/full/$proxy->uuid");
diff --git a/modules/digibug/tests/Digibug_Controller_Test.php b/modules/digibug/tests/Digibug_Controller_Test.php
index 6f9e20df..d331b0ae 100644
--- a/modules/digibug/tests/Digibug_Controller_Test.php
+++ b/modules/digibug/tests/Digibug_Controller_Test.php
@@ -36,7 +36,7 @@ class Digibug_Controller_Test extends Gallery_Unit_Test_Case {
access::deny(identity::registered_users(), "view_full", $album);
$proxy = ORM::factory("digibug_proxy");
- $proxy->uuid = md5(mt_rand());
+ $proxy->uuid = random::hash();
$proxy->item_id = $photo->id;
return $proxy->save();
}
diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php
index 50f6b8f0..66c71648 100644
--- a/modules/gallery/controllers/upgrader.php
+++ b/modules/gallery/controllers/upgrader.php
@@ -23,7 +23,7 @@ class Upgrader_Controller extends Controller {
// Make sure we have an upgrade token
if (!($upgrade_token = $session->get("upgrade_token", null))) {
- $session->set("upgrade_token", $upgrade_token = md5(time() . mt_rand()));
+ $session->set("upgrade_token", $upgrade_token = random::hash());
}
// If the upgrade token exists, then bless this session
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php
index 6a948999..a7ac3f9f 100644
--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -426,7 +426,7 @@ class access_Core {
$session = Session::instance();
$csrf = $session->get("csrf");
if (empty($csrf)) {
- $csrf = md5(time() . mt_rand());
+ $csrf = random::hash();
$session->set("csrf", $csrf);
}
return $csrf;
diff --git a/modules/gallery/helpers/block_manager.php b/modules/gallery/helpers/block_manager.php
index e7247edc..4bd649c2 100644
--- a/modules/gallery/helpers/block_manager.php
+++ b/modules/gallery/helpers/block_manager.php
@@ -28,7 +28,7 @@ class block_manager_Core {
static function add($location, $module_name, $block_id) {
$blocks = block_manager::get_active($location);
- $blocks[mt_rand()] = array($module_name, $block_id);
+ $blocks[random::int()] = array($module_name, $block_id);
block_manager::set_active($location, $blocks);
}
diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index 9c42caad..a6b8e6a2 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -459,7 +459,7 @@ class gallery_installer {
$blocks = block_manager::get_active($location);
$new_blocks = array();
foreach ($blocks as $block) {
- $new_blocks[mt_rand()] = $block;
+ $new_blocks[random::int()] = $block;
}
block_manager::set_active($location, $new_blocks);
}
@@ -507,7 +507,7 @@ class gallery_installer {
->execute() as $row) {
$new_slug = item::convert_filename_to_slug($row->slug);
if (empty($new_slug)) {
- $new_slug = mt_rand();
+ $new_slug = random::int();
}
db::build()
->update("items")
diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php
index 052b1c8e..664da812 100644
--- a/modules/gallery/helpers/item.php
+++ b/modules/gallery/helpers/item.php
@@ -232,7 +232,7 @@ class item_Core {
// distributed so this is going to be more efficient with larger data sets.
return ORM::factory("item")
->viewable()
- ->where("rand_key", "<", ((float)mt_rand()) / (float)mt_getrandmax())
+ ->where("rand_key", "<", random::percent())
->order_by("rand_key", "DESC");
}
} \ No newline at end of file
diff --git a/modules/gallery/helpers/random.php b/modules/gallery/helpers/random.php
new file mode 100644
index 00000000..a26762bd
--- /dev/null
+++ b/modules/gallery/helpers/random.php
@@ -0,0 +1,50 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2010 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class random_Core {
+ /**
+ * Return a random 32 bit hash value.
+ * @param string extra entropy data
+ */
+ static function hash($entropy="") {
+ return md5($entropy . uniqid(mt_rand(), true));
+ }
+
+ /**
+ * Return a random hexadecimal string of the given length.
+ * @param int the desired length of the string
+ */
+ static function string($length) {
+ return substr(random::hash(), 0, $length);
+ }
+
+ /**
+ * Return a random floating point number between 0 and 1
+ */
+ static function percent() {
+ return ((float)mt_rand()) / (float)mt_getrandmax();
+ }
+
+ /**
+ * Return a random number between 0 and mt_getrandmax()
+ */
+ static function int() {
+ return mt_rand();
+ }
+} \ No newline at end of file
diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php
index b6713fc3..ad577066 100644
--- a/modules/gallery/models/item.php
+++ b/modules/gallery/models/item.php
@@ -28,7 +28,7 @@ class Item_Model_Core extends ORM_MPTT {
if (!$this->loaded()) {
// Set reasonable defaults
$this->created = time();
- $this->rand_key = ((float)mt_rand()) / (float)mt_getrandmax();
+ $this->rand_key = random::percent();
$this->thumb_dirty = 1;
$this->resize_dirty = 1;
$this->sort_column = "created";
@@ -390,7 +390,7 @@ class Item_Model_Core extends ORM_MPTT {
if (file_exists($this->resize_path()) ||
file_exists($this->thumb_path())) {
$pi = pathinfo($this->name);
- $this->name = $pi["filename"] . "-" . mt_rand() . "." . $pi["extension"];
+ $this->name = $pi["filename"] . "-" . random::int() . "." . $pi["extension"];
parent::save();
}
@@ -512,7 +512,7 @@ class Item_Model_Core extends ORM_MPTT {
->or_where("slug", "=", $this->slug)
->close()
->find()->id) {
- $rand = mt_rand();
+ $rand = random::int();
if ($base_ext) {
$this->name = "$base_name-$rand.$base_ext";
} else {
diff --git a/modules/gallery/tests/Albums_Controller_Test.php b/modules/gallery/tests/Albums_Controller_Test.php
index 86c74890..35a3bdbb 100644
--- a/modules/gallery/tests/Albums_Controller_Test.php
+++ b/modules/gallery/tests/Albums_Controller_Test.php
@@ -31,7 +31,7 @@ class Albums_Controller_Test extends Gallery_Unit_Test_Case {
$album = test::random_album();
// Randomize to avoid conflicts.
- $new_name = "new_name_" . mt_rand();
+ $new_name = "new_name_" . random::string(6);
$_POST["name"] = $new_name;
$_POST["title"] = "new title";
diff --git a/modules/gallery/tests/Cache_Test.php b/modules/gallery/tests/Cache_Test.php
index 6cee2862..b95ef0a2 100644
--- a/modules/gallery/tests/Cache_Test.php
+++ b/modules/gallery/tests/Cache_Test.php
@@ -27,7 +27,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
public function cache_exists_test() {
$this->assert_false($this->_driver->exists("test_key"), "test_key should not be defined");
- $id = md5(mt_rand());
+ $id = random::hash();
db::build()
->insert("caches")
->columns("key", "tags", "expiration", "cache")
@@ -38,7 +38,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_get_test() {
- $id = md5(mt_rand());
+ $id = random::hash();
db::build()
->insert("caches")
@@ -54,7 +54,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_set_test() {
- $id = md5(mt_rand());
+ $id = random::hash();
$original_data = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id => $original_data), array("tag1", "tag2"), 84600);
@@ -63,15 +63,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_get_tag_test() {
- $id1 = md5(mt_rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(mt_rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 84600);
- $id3 = md5(mt_rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -86,15 +86,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_id_test() {
- $id1 = md5(mt_rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(mt_rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(mt_rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -106,15 +106,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_tag_test() {
- $id1 = md5(mt_rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(mt_rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(mt_rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -126,15 +126,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_all_test() {
- $id1 = md5(mt_rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(mt_rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(mt_rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php
index c93cc239..26db5a63 100644
--- a/modules/gallery/tests/Item_Helper_Test.php
+++ b/modules/gallery/tests/Item_Helper_Test.php
@@ -92,7 +92,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case {
}
public function move_conflicts_result_in_a_rename_test() {
- $rand = mt_rand();
+ $rand = random::int();
$photo1 = test::random_photo_unsaved(item::root());
$photo1->name = "{$rand}.jpg";
$photo1->slug = (string)$rand;
diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php
index 0d6d10af..4987d2f9 100644
--- a/modules/gallery/tests/Item_Model_Test.php
+++ b/modules/gallery/tests/Item_Model_Test.php
@@ -278,10 +278,10 @@ class Item_Model_Test extends Gallery_Unit_Test_Case {
public function basic_validation_test() {
$item = ORM::factory("item");
- $item->album_cover_item_id = mt_rand(); // invalid
+ $item->album_cover_item_id = random::int(); // invalid
$item->description = str_repeat("x", 70000); // invalid
$item->name = null;
- $item->parent_id = mt_rand();
+ $item->parent_id = random::int();
$item->slug = null;
$item->sort_column = "bogus";
$item->sort_order = "bogus";
@@ -411,24 +411,24 @@ class Item_Model_Test extends Gallery_Unit_Test_Case {
public function urls_test() {
$photo = test::random_photo();
$this->assert_true(
- preg_match("|http://./var/resizes/name_\d+\.jpg\?m=\d+|", $photo->resize_url()),
+ preg_match("|http://./var/resizes/name_\w+\.jpg\?m=\d+|", $photo->resize_url()),
$photo->resize_url() . " is malformed");
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+\.jpg\?m=\d+|", $photo->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+\.jpg\?m=\d+|", $photo->thumb_url()),
$photo->thumb_url() . " is malformed");
$this->assert_true(
- preg_match("|http://./var/albums/name_\d+\.jpg\?m=\d+|", $photo->file_url()),
+ preg_match("|http://./var/albums/name_\w+\.jpg\?m=\d+|", $photo->file_url()),
$photo->file_url() . " is malformed");
// Albums have special thumbnails. Empty album has cachebuster of 0 since it has no thumbnail
$album = test::random_album();
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=0|", $album->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=0|", $album->thumb_url()),
$album->thumb_url() . " is malformed");
$photo = test::random_photo($album);
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=\d+|", $album->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=\d+|", $album->thumb_url()),
$album->thumb_url() . " is malformed");
}
diff --git a/modules/gallery_unit_test/helpers/test.php b/modules/gallery_unit_test/helpers/test.php
index d5149492..65c7f6b4 100644
--- a/modules/gallery_unit_test/helpers/test.php
+++ b/modules/gallery_unit_test/helpers/test.php
@@ -19,7 +19,7 @@
*/
class test_Core {
static function random_album_unsaved($parent=null) {
- $rand = mt_rand();
+ $rand = random::string(6);
$album = ORM::factory("item");
$album->type = "album";
@@ -34,7 +34,7 @@ class test_Core {
}
static function random_photo_unsaved($parent=null) {
- $rand = mt_rand();
+ $rand = random::string(6);
$photo = ORM::factory("item");
$photo->type = "photo";
$photo->parent_id = $parent ? $parent->id : 1;
@@ -49,16 +49,16 @@ class test_Core {
}
static function random_user($password="password") {
- $rand = "name_" . mt_rand();
+ $rand = "name_" . random::string(6);
return identity::create_user($rand, $rand, $password, "$rand@rand.com");
}
static function random_group() {
- return identity::create_group((string)mt_rand());
+ return identity::create_group(random::string(6));
}
static function random_name($item=null) {
- $rand = "name_" . mt_rand();
+ $rand = "name_" . random::string(6);
if ($item && $item->is_photo()) {
$rand .= ".jpg";
}
@@ -77,7 +77,7 @@ class test_Core {
static function random_tag() {
$tag = ORM::factory("tag");
- $tag->name = (string)mt_rand();
+ $tag->name = random::string(6);
// Reload so that ORM coerces all fields into strings.
return $tag->save()->reload();
diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php
index 58943700..9406e209 100644
--- a/modules/rest/helpers/rest.php
+++ b/modules/rest/helpers/rest.php
@@ -104,7 +104,7 @@ class rest_Core {
if (!$key->loaded()) {
$key->user_id = identity::active_user()->id;
- $key->access_key = md5(md5(uniqid(mt_rand(), true) . access::private_key()));
+ $key->access_key = md5(random::hash() . access::private_key());
$key->save();
}
diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php
index 4d7a4a1b..9e241bd0 100644
--- a/modules/rest/helpers/rest_event.php
+++ b/modules/rest/helpers/rest_event.php
@@ -43,7 +43,7 @@ class rest_event {
static function user_add_form_admin_completed($user, $form) {
$key = ORM::factory("user_access_key");
$key->user_id = $user->id;
- $key->access_key = md5($user->name . time() . mt_rand());
+ $key->access_key = random::hash($user->name);
$key->save();
}
@@ -64,7 +64,7 @@ class rest_event {
if (!$key->loaded()) {
$key->user_id = $user->id;
- $key->access_key = md5($user->name . time() . mt_rand());
+ $key->access_key = random::hash($user->name);
$key->save();
}
@@ -93,7 +93,7 @@ class rest_event {
if (!$key->loaded()) {
$key->user_id = $data->user->id;
- $key->access_key = md5($data->user->name . time() . mt_rand());
+ $key->access_key = random::hash($data->user->name);
$key->save();
}
$view->rest_key = $key->access_key;
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 2e5eac5f..567e56dc 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -51,7 +51,7 @@ class Password_Controller extends Controller {
$user_name = $form->reset->inputs["name"]->value;
$user = user::lookup_by_name($user_name);
if ($user && !empty($user->email)) {
- $user->hash = md5(uniqid(mt_rand(), true));
+ $user->hash = random::hash();
$user->save();
$message = new View("reset_password.html");
$message->confirm_url = url::abs_site("password/do_reset?key=$user->hash");
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 03:03:25 +0000