[Bb-trac] [bbPress] #906: replace getmypid() with uniqid() to create
randomstate for password hashes
bbPress
bb-trac at lists.bbpress.org
Mon Jul 28 17:18:48 GMT 2008
#906: replace getmypid() with uniqid() to create randomstate for password hashes
--------------------------+-------------------------------------------------
Reporter: i_xiter | Owner:
Type: defect | Status: new
Priority: high | Milestone: 1.0-beta & XML-RPC
Component: Registration | Version: 0.9.1
Severity: normal | Keywords: getmypid, password hashes
--------------------------+-------------------------------------------------
In bb-includes/class-phpass.php on line 43, bbpress uses {{{getmypid()}}}
to create the randomstate for password hashes.
On shared hosting systems, {{{getmypid()}}} is disabled very often.
I replaced it with {{{uniqid()}}}, and bbpress didnt throw the WARNING
anymore.
{{{getmypid()}}} does not return a unique value in all cases. Especially
when PHP is running as an apache module in shared hosting sytems. Also for
this reason its much better to use {{{uniqid()}}}.
{{{uniqid()}}} gives a 13 digits value. {{{uniqid('', true)}}} even 23
digits. I think this should be good enough for the randomstate. ;)
Sorry if I did something wrong here. This is my first time with a TRAC
thingie, plus I am not a native english speaker. I hope I have done all
ticket property settings correctly.
--
Ticket URL: <http://trac.bbpress.org/ticket/906>
bbPress <http://bbpress.org/>
Innovative forum development
More information about the Bb-trac
mailing list