Dopolnitve kripto funkcij

2023-01-23 19:41:39 +01:00 · 2023-01-23 19:41:39 +01:00 · 989ea21d33
commit 989ea21d33
parent 03ce2bf852
13 changed files with 21 additions and 20 deletions
--- a/admin/survey/api/class.ApiSurvey.php
+++ b/admin/survey/api/class.ApiSurvey.php
@ -3979,10 +3979,10 @@ class ApiSurvey {
        if ($ank_id != '' && $email != '') {

            // Zgeneriramo nakljucno geslo, ki se ne obstaja v bazi
-            $pass = substr(md5(microtime()), rand(0, 26), 5);
+            $pass = substr(md5(microtime()), random_int(0, 26), 5);
            $sql = sisplet_query("SELECT * FROM srv_evoli_landingPage_access WHERE pass='" . $pass . "'");
            while (mysqli_num_rows($sql) > 0) {
-                $pass = substr(md5(microtime()), rand(0, 26), 5);
+                $pass = substr(md5(microtime()), random_int(0, 26), 5);
                $sql = sisplet_query("SELECT * FROM srv_evoli_landingPage_access WHERE pass='" . $pass . "'");
            }

--- a/admin/survey/classes/class.Common.php
+++ b/admin/survey/classes/class.Common.php
@ -2071,7 +2071,7 @@ class Common {
        while(!$unique){

            // Zgeneriramo random string z 8 znaki
-            $hash = substr(md5(uniqid(mt_rand(), true)), 0, 8);
+            $hash = substr(md5(uniqid(random_int(), true)), 0, 8);

            // Preverimo ce slucajno ze obstaja v bazi
            $sql = sisplet_query("SELECT 1 FROM srv_anketa WHERE hash='".$hash."' LIMIT 1");
--- a/admin/survey/classes/class.Forum.php
+++ b/admin/survey/classes/class.Forum.php
@ -205,7 +205,7 @@ class Forum {

 						$result = sisplet_query ("SELECT * FROM users WHERE name='$a2' AND surname=''");
 						while (mysqli_num_rows ($result) > 0) {
-							$a2 = $avtor .rand(0, 32767);
+							$a2 = $avtor .random_int(0, 32767);
 							$result = sisplet_query ("SELECT * FROM users WHERE name='$a2' AND surname=''");
 						}

--- a/admin/survey/classes/class.SurveyAppendMerge.php
+++ b/admin/survey/classes/class.SurveyAppendMerge.php
@ -555,7 +555,7 @@ class SurveyAppendMerge {
 		// izberemo random hash, ki se ni v bazi
        $ip = GetIP();
 		do {
-			$rand = md5(mt_rand(1, mt_getrandmax()).'@'.$ip);
+			$rand = md5(random_int(1, PHP_INT_MAX).'@'.$ip);
 			$sql = sisplet_query("SELECT id FROM srv_user WHERE cookie = '$rand'");
 		} while (mysqli_num_rows($sql) > 0);
 			
--- a/admin/survey/classes/class.SurveyExportProfiles.php
+++ b/admin/survey/classes/class.SurveyExportProfiles.php
@ -232,7 +232,7 @@ class SurveyExportProfiles
 			$numrows = mysqli_num_rows($sqlProfileSetting);
 			if ($numrows != 0) { // ime že obstaja zgeneriramo novo
 				srand(time());
-				$profileName .= rand(0, 9);
+				$profileName .= random_int(0, 9);
 			}
 		} while ($numrows != 0);

@ -278,7 +278,7 @@ class SurveyExportProfiles
 				$numrows = mysqli_num_rows($sqlProfileSetting);
 				if ($numrows != 0) { // ime že obstaja zgeneriramo novo
 					srand(time());
-					$newProfileName .= rand(0, 9);
+					$newProfileName .= random_int(0, 9);
 				}
 			} while ($numrows != 0);
 			
--- a/admin/survey/classes/class.SurveyLanguageTechnology.php
+++ b/admin/survey/classes/class.SurveyLanguageTechnology.php
@ -489,7 +489,7 @@ class SurveyLanguageTechnology {
 		$rand = null;
 		$x = 0;
 		do {
-			$rand = md5(mt_rand(1, mt_getrandmax()).'@'.$_SERVER['REMOTE_ADDR']);
+			$rand = md5(random_int(1, PHP_INT_MAX).'@'.$_SERVER['REMOTE_ADDR']);
 			$filename = $folder . "lt_" . $rand . '.xlsx';
 			$x++;
 		} while (file_exists($filename) === true && $x < 99999); // backup loop
--- a/admin/survey/classes/class.SurveyVariablesProfiles.php
+++ b/admin/survey/classes/class.SurveyVariablesProfiles.php
@ -547,7 +547,7 @@ class SurveyVariablesProfiles
 			if ($numrows != 0) 
 			{ # ime že obstaja zgeneriramo novo
 				srand(time());
-				$profileName .= rand(0, 9);
+				$profileName .= random_int(0, 9);
 			}
 		} 
 		while ($numrows != 0);
@ -616,7 +616,7 @@ class SurveyVariablesProfiles
 				$numrows = mysqli_num_rows($sqlProfileSetting);
 				if ($numrows != 0) { // ime že obstaja zgeneriramo novo
 					srand(time());
-					$newProfileName .= rand(0, 9);
+					$newProfileName .= random_int(0, 9);
 				}
 			} while ($numrows != 0);
 				
--- a/admin/survey/classes/class.SurveyZankaProfiles.php
+++ b/admin/survey/classes/class.SurveyZankaProfiles.php
@ -437,7 +437,7 @@ class SurveyZankaProfiles {
 			$numrows = mysqli_num_rows($sqlProfileSetting);
 			if ($numrows != 0) { // ime že obstaja zgeneriramo novo
 				srand(time());
-				$profileName .= rand(0, 9);
+				$profileName .= random_int(0, 9);
 			}
 		} while ($numrows != 0);
 		
--- a/admin/survey/excel/PHPExcel/Shared/JAMA/examples/polyfit.php
+++ b/admin/survey/excel/PHPExcel/Shared/JAMA/examples/polyfit.php
@ -66,7 +66,7 @@ printpoly(polyfit($X, $Y, 5));
 echo '<hr />';

 $X = array(0,1,2,3,4);
-$Y = array(mt_rand(0, 10), mt_rand(40, 80), mt_rand(240, 400), mt_rand(1800, 2215), mt_rand(8000, 9000));
+$Y = array(random_int(0, 10), random_int(40, 80), random_int(240, 400), random_int(1800, 2215), random_int(8000, 9000));
 $points = new Matrix(array($X, $Y));
 $points->toHTML();
 printpoly(polyfit($X, $Y, 3));
--- a/admin/survey/excel/PHPExcel/Worksheet/MemoryDrawing.php
+++ b/admin/survey/excel/PHPExcel/Worksheet/MemoryDrawing.php
@ -84,7 +84,7 @@ class PHPExcel_Worksheet_MemoryDrawing extends PHPExcel_Worksheet_BaseDrawing im
    	$this->_imageResource		= null;
    	$this->_renderingFunction 	= self::RENDERING_DEFAULT;
    	$this->_mimeType			= self::MIMETYPE_DEFAULT;
-    	$this->_uniqueName			= md5(rand(0, 9999). time() . rand(0, 9999));
+    	$this->_uniqueName			= md5(random_int(0, 9999). time() . random_int(0, 9999));

    	// Initialize parent
    	parent::__construct();
--- a/admin/survey/excel/PHPExcel/Writer/Excel2007/Chart.php
+++ b/admin/survey/excel/PHPExcel/Writer/Excel2007/Chart.php
@ -300,11 +300,7 @@ class PHPExcel_Writer_Excel2007_Chart extends PHPExcel_Writer_Excel2007_WriterPa
 							$objWriter->endElement();
 					}

-					//	Generate 2 unique numbers to use for axId values
-//					$id1 = $id2 = rand(10000000,99999999);
-//					do {
-//						$id2 = rand(10000000,99999999);
-//					} while ($id1 == $id2);
+
 					$id1 = '75091328';
 					$id2 = '75089408';

--- a/admin/survey/minify/vendor/monolog/monolog/src/Monolog/Handler/SamplingHandler.php
+++ b/admin/survey/minify/vendor/monolog/monolog/src/Monolog/Handler/SamplingHandler.php
@ -59,7 +59,7 @@ class SamplingHandler extends AbstractHandler

    public function handle(array $record)
    {
-        if ($this->isHandling($record) && mt_rand(1, $this->factor) === 1) {
+        if ($this->isHandling($record) && random_int(1, $this->factor) === 1) {
            // The same logic as in FingersCrossedHandler
            if (!$this->handler instanceof HandlerInterface) {
                $this->handler = call_user_func($this->handler, $record, $this);
--- a/utils/SurveySyncMergeImport.php
+++ b/utils/SurveySyncMergeImport.php
@ -70,7 +70,12 @@ if ($handle = opendir($sync_server_path)) {

                        if (count($struktura) == 0) {
                            
-                            mysql_query ("UPDATE srv_fieldwork SET lastnum='" .intval(substr_count($raw, '"recnum"')) ."' WHERE id='" .intval($r[1]) ."'");
+                            $updateQuery = "UPDATE "
+                                    . "srv_fieldwork "
+                                    . "SET lastnum='" .intval(substr_count($raw, '"recnum"')) ."' "
+                                    . "WHERE id='" .intval($r[1]) ."'" ;
+                            
+                            mysql_query ($updateQuery);
                            
        //                    $struktura['version'] = $kljuc['version'];
                            $struktura['version'] = time();