diff options
Diffstat (limited to 'app/Model')
| -rw-r--r-- | app/Model/Base.php | 19 | ||||
| -rw-r--r-- | app/Model/Config.php | 7 | ||||
| -rw-r--r-- | app/Model/Project.php | 3 | ||||
| -rw-r--r-- | app/Model/RememberMe.php | 8 |
4 files changed, 11 insertions, 26 deletions
diff --git a/app/Model/Base.php b/app/Model/Base.php index ddc06c3d..66185aeb 100644 --- a/app/Model/Base.php +++ b/app/Model/Base.php @@ -55,23 +55,4 @@ abstract class Base $this->db = $db; $this->event = $event; } - - /** - * Generate a random token with different methods: openssl or /dev/urandom or fallback to uniqid() - * - * @static - * @access public - * @return string Random token - */ - public static function generateToken() - { - if (function_exists('openssl_random_pseudo_bytes')) { - return bin2hex(\openssl_random_pseudo_bytes(16)); - } - else if (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { - return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30)); - } - - return hash('sha256', uniqid(mt_rand(), true)); - } } diff --git a/app/Model/Config.php b/app/Model/Config.php index 23abd8b5..469e6447 100644 --- a/app/Model/Config.php +++ b/app/Model/Config.php @@ -5,6 +5,7 @@ namespace Model; use SimpleValidator\Validator; use SimpleValidator\Validators; use Core\Translator; +use Core\Security; /** * Config model @@ -29,7 +30,7 @@ class Config extends Base */ public function getTimezones() { - $timezones = \timezone_identifiers_list(); + $timezones = timezone_identifiers_list(); return array_combine(array_values($timezones), $timezones); } @@ -171,12 +172,12 @@ class Config extends Base */ public function regenerateTokens() { - $this->db->table(self::TABLE)->update(array('webhooks_token' => $this->generateToken())); + $this->db->table(self::TABLE)->update(array('webhooks_token' => Security::generateToken())); $projects = $this->db->table(Project::TABLE)->findAllByColumn('id'); foreach ($projects as $project_id) { - $this->db->table(Project::TABLE)->eq('id', $project_id)->update(array('token' => $this->generateToken())); + $this->db->table(Project::TABLE)->eq('id', $project_id)->update(array('token' => Security::generateToken())); } } } diff --git a/app/Model/Project.php b/app/Model/Project.php index 9fbb0806..e1465012 100644 --- a/app/Model/Project.php +++ b/app/Model/Project.php @@ -5,6 +5,7 @@ namespace Model; use SimpleValidator\Validator; use SimpleValidator\Validators; use Event\TaskModification; +use Core\Security; /** * Project model @@ -363,7 +364,7 @@ class Project extends Base { $this->db->startTransaction(); - $values['token'] = self::generateToken(); + $values['token'] = Security::generateToken(); if (! $this->db->table(self::TABLE)->save($values)) { $this->db->cancelTransaction(); diff --git a/app/Model/RememberMe.php b/app/Model/RememberMe.php index 1494b14a..c9ef819f 100644 --- a/app/Model/RememberMe.php +++ b/app/Model/RememberMe.php @@ -2,6 +2,8 @@ namespace Model; +use Core\Security; + /** * RememberMe model * @@ -174,8 +176,8 @@ class RememberMe extends Base */ public function create($user_id, $ip, $user_agent) { - $token = hash('sha256', $user_id.$user_agent.$ip.$this->generateToken()); - $sequence = $this->generateToken(); + $token = hash('sha256', $user_id.$user_agent.$ip.Security::generateToken()); + $sequence = Security::generateToken(); $expiration = time() + self::EXPIRATION; $this->cleanup($user_id); @@ -225,7 +227,7 @@ class RememberMe extends Base */ public function update($token, $sequence) { - $new_sequence = $this->generateToken(); + $new_sequence = Security::generateToken(); $this->db ->table(self::TABLE) |