[wp-trac] [WordPress Trac] #28633: Generate better random numbers
WordPress Trac
noreply at wordpress.org
Sun Mar 22 23:33:48 UTC 2015
#28633: Generate better random numbers
-------------------------------------------+-----------------------------
Reporter: sarciszewski | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: needs-testing has-patch early | Focuses:
-------------------------------------------+-----------------------------
Changes (by dd32):
* keywords: needs-testing has-patch => needs-testing has-patch early
* severity: major => normal
* milestone: Awaiting Review => Future Release
Comment:
I'd prefer to land these changes at the start of a cycle, to allow for
full testing by everyone and to surface any issues from reliance upon any
of the functions.
Based on the PHP7 RFC, which looks like it'll succeed, we should change
the direction of the patch to simply provide a compat layer for the PHP7
function signatures instead, which will benefit us in the long term.
The changes:
- `wp_external_random_bytes()` -> `random_bytes()` not sure if the byte
length changes, or if it's a required param..
- `wp_external_rand()` -> `random_int()` which also needs to support
negative numbers, ie. `random_int( -1000, -10 )` should work.
- `wp_external_random_positive_int()` becomes an internal private
function, only defined when the wrapper for random_int is, however it
might not even be needed based on the negative number support for
`random_int()`
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28633#comment:40>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list