SimpleMachines /
SMF2.1
@@ -1721,7 +1721,7 @@ discard block |
||
| 1721 | 1721 | { |
| 1722 | 1722 | // Avoid double separators and empty titled sections |
| 1723 | 1723 | $empty_section = true; |
| 1724 | - for ($j=$i+1; $j < count($context['theme_options']); $j++) |
|
| 1724 | + for ($j = $i + 1; $j < count($context['theme_options']); $j++) |
|
| 1725 | 1725 | { |
| 1726 | 1726 | // Found another separator, so we're done |
| 1727 | 1727 | if (!is_array($context['theme_options'][$j])) |
@@ -2700,8 +2700,7 @@ discard block |
||
| 2700 | 2700 | foreach ($context['post_errors'] as $error) |
| 2701 | 2701 | { |
| 2702 | 2702 | $text_key_error = $error == 'password_short' ? |
| 2703 | - sprintf($txt['profile_error_' . $error], (empty($modSettings['password_strength']) ? 4 : 8)) : |
|
| 2704 | - $txt['profile_error_' . $error]; |
|
| 2703 | + sprintf($txt['profile_error_' . $error], (empty($modSettings['password_strength']) ? 4 : 8)) : $txt['profile_error_' . $error]; |
|
| 2705 | 2704 | |
| 2706 | 2705 | echo ' |
| 2707 | 2706 | <li>', isset($txt['profile_error_' . $error]) ? $text_key_error : $error, '</li>'; |
@@ -27,164 +27,164 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!defined('RANDOM_COMPAT_READ_BUFFER')) { |
| 30 | - define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 30 | + define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 31 | 31 | } |
| 32 | 32 | |
| 33 | 33 | if (!is_callable('random_bytes')) { |
| 34 | - /** |
|
| 35 | - * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | - * random numbers in accordance with best practices |
|
| 37 | - * |
|
| 38 | - * Why we use /dev/urandom and not /dev/random |
|
| 39 | - * @ref https://www.2uo.de/myths-about-urandom |
|
| 40 | - * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 41 | - * |
|
| 42 | - * @param int $bytes |
|
| 43 | - * |
|
| 44 | - * @throws Exception |
|
| 45 | - * |
|
| 46 | - * @return string |
|
| 47 | - */ |
|
| 48 | - function random_bytes($bytes) |
|
| 49 | - { |
|
| 50 | - /** @var resource $fp */ |
|
| 51 | - static $fp = null; |
|
| 34 | + /** |
|
| 35 | + * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | + * random numbers in accordance with best practices |
|
| 37 | + * |
|
| 38 | + * Why we use /dev/urandom and not /dev/random |
|
| 39 | + * @ref https://www.2uo.de/myths-about-urandom |
|
| 40 | + * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 41 | + * |
|
| 42 | + * @param int $bytes |
|
| 43 | + * |
|
| 44 | + * @throws Exception |
|
| 45 | + * |
|
| 46 | + * @return string |
|
| 47 | + */ |
|
| 48 | + function random_bytes($bytes) |
|
| 49 | + { |
|
| 50 | + /** @var resource $fp */ |
|
| 51 | + static $fp = null; |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * This block should only be run once |
|
| 55 | - */ |
|
| 56 | - if (empty($fp)) { |
|
| 57 | - /** |
|
| 58 | - * We don't want to ever read C:\dev\random, only /dev/urandom on |
|
| 59 | - * Unix-like operating systems. While we guard against this |
|
| 60 | - * condition in random.php, it doesn't hurt to be defensive in depth |
|
| 61 | - * here. |
|
| 62 | - * |
|
| 63 | - * To that end, we only try to open /dev/urandom if we're on a Unix- |
|
| 64 | - * like operating system (which means the directory separator is set |
|
| 65 | - * to "/" not "\". |
|
| 66 | - */ |
|
| 67 | - if (DIRECTORY_SEPARATOR === '/') { |
|
| 68 | - if (!is_readable('/dev/urandom')) { |
|
| 69 | - throw new Exception( |
|
| 70 | - 'Environment misconfiguration: ' . |
|
| 71 | - '/dev/urandom cannot be read.' |
|
| 72 | - ); |
|
| 73 | - } |
|
| 74 | - /** |
|
| 75 | - * We use /dev/urandom if it is a char device. |
|
| 76 | - * We never fall back to /dev/random |
|
| 77 | - */ |
|
| 78 | - /** @var resource|bool $fp */ |
|
| 79 | - $fp = fopen('/dev/urandom', 'rb'); |
|
| 80 | - if (is_resource($fp)) { |
|
| 81 | - /** @var array<string, int> $st */ |
|
| 82 | - $st = fstat($fp); |
|
| 83 | - if (($st['mode'] & 0170000) !== 020000) { |
|
| 84 | - fclose($fp); |
|
| 85 | - $fp = false; |
|
| 86 | - } |
|
| 87 | - } |
|
| 88 | - } |
|
| 53 | + /** |
|
| 54 | + * This block should only be run once |
|
| 55 | + */ |
|
| 56 | + if (empty($fp)) { |
|
| 57 | + /** |
|
| 58 | + * We don't want to ever read C:\dev\random, only /dev/urandom on |
|
| 59 | + * Unix-like operating systems. While we guard against this |
|
| 60 | + * condition in random.php, it doesn't hurt to be defensive in depth |
|
| 61 | + * here. |
|
| 62 | + * |
|
| 63 | + * To that end, we only try to open /dev/urandom if we're on a Unix- |
|
| 64 | + * like operating system (which means the directory separator is set |
|
| 65 | + * to "/" not "\". |
|
| 66 | + */ |
|
| 67 | + if (DIRECTORY_SEPARATOR === '/') { |
|
| 68 | + if (!is_readable('/dev/urandom')) { |
|
| 69 | + throw new Exception( |
|
| 70 | + 'Environment misconfiguration: ' . |
|
| 71 | + '/dev/urandom cannot be read.' |
|
| 72 | + ); |
|
| 73 | + } |
|
| 74 | + /** |
|
| 75 | + * We use /dev/urandom if it is a char device. |
|
| 76 | + * We never fall back to /dev/random |
|
| 77 | + */ |
|
| 78 | + /** @var resource|bool $fp */ |
|
| 79 | + $fp = fopen('/dev/urandom', 'rb'); |
|
| 80 | + if (is_resource($fp)) { |
|
| 81 | + /** @var array<string, int> $st */ |
|
| 82 | + $st = fstat($fp); |
|
| 83 | + if (($st['mode'] & 0170000) !== 020000) { |
|
| 84 | + fclose($fp); |
|
| 85 | + $fp = false; |
|
| 86 | + } |
|
| 87 | + } |
|
| 88 | + } |
|
| 89 | 89 | |
| 90 | - if (is_resource($fp)) { |
|
| 91 | - /** |
|
| 92 | - * stream_set_read_buffer() does not exist in HHVM |
|
| 93 | - * |
|
| 94 | - * If we don't set the stream's read buffer to 0, PHP will |
|
| 95 | - * internally buffer 8192 bytes, which can waste entropy |
|
| 96 | - * |
|
| 97 | - * stream_set_read_buffer returns 0 on success |
|
| 98 | - */ |
|
| 99 | - if (is_callable('stream_set_read_buffer')) { |
|
| 100 | - stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 101 | - } |
|
| 102 | - if (is_callable('stream_set_chunk_size')) { |
|
| 103 | - stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 104 | - } |
|
| 105 | - } |
|
| 106 | - } |
|
| 90 | + if (is_resource($fp)) { |
|
| 91 | + /** |
|
| 92 | + * stream_set_read_buffer() does not exist in HHVM |
|
| 93 | + * |
|
| 94 | + * If we don't set the stream's read buffer to 0, PHP will |
|
| 95 | + * internally buffer 8192 bytes, which can waste entropy |
|
| 96 | + * |
|
| 97 | + * stream_set_read_buffer returns 0 on success |
|
| 98 | + */ |
|
| 99 | + if (is_callable('stream_set_read_buffer')) { |
|
| 100 | + stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 101 | + } |
|
| 102 | + if (is_callable('stream_set_chunk_size')) { |
|
| 103 | + stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 104 | + } |
|
| 105 | + } |
|
| 106 | + } |
|
| 107 | 107 | |
| 108 | - try { |
|
| 109 | - /** @var int $bytes */ |
|
| 110 | - $bytes = RandomCompat_intval($bytes); |
|
| 111 | - } catch (TypeError $ex) { |
|
| 112 | - throw new TypeError( |
|
| 113 | - 'random_bytes(): $bytes must be an integer' |
|
| 114 | - ); |
|
| 115 | - } |
|
| 108 | + try { |
|
| 109 | + /** @var int $bytes */ |
|
| 110 | + $bytes = RandomCompat_intval($bytes); |
|
| 111 | + } catch (TypeError $ex) { |
|
| 112 | + throw new TypeError( |
|
| 113 | + 'random_bytes(): $bytes must be an integer' |
|
| 114 | + ); |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - if ($bytes < 1) { |
|
| 118 | - throw new Error( |
|
| 119 | - 'Length must be greater than 0' |
|
| 120 | - ); |
|
| 121 | - } |
|
| 117 | + if ($bytes < 1) { |
|
| 118 | + throw new Error( |
|
| 119 | + 'Length must be greater than 0' |
|
| 120 | + ); |
|
| 121 | + } |
|
| 122 | 122 | |
| 123 | - /** |
|
| 124 | - * This if() block only runs if we managed to open a file handle |
|
| 125 | - * |
|
| 126 | - * It does not belong in an else {} block, because the above |
|
| 127 | - * if (empty($fp)) line is logic that should only be run once per |
|
| 128 | - * page load. |
|
| 129 | - */ |
|
| 130 | - if (is_resource($fp)) { |
|
| 131 | - /** |
|
| 132 | - * @var int |
|
| 133 | - */ |
|
| 134 | - $remaining = $bytes; |
|
| 123 | + /** |
|
| 124 | + * This if() block only runs if we managed to open a file handle |
|
| 125 | + * |
|
| 126 | + * It does not belong in an else {} block, because the above |
|
| 127 | + * if (empty($fp)) line is logic that should only be run once per |
|
| 128 | + * page load. |
|
| 129 | + */ |
|
| 130 | + if (is_resource($fp)) { |
|
| 131 | + /** |
|
| 132 | + * @var int |
|
| 133 | + */ |
|
| 134 | + $remaining = $bytes; |
|
| 135 | 135 | |
| 136 | - /** |
|
| 137 | - * @var string|bool |
|
| 138 | - */ |
|
| 139 | - $buf = ''; |
|
| 136 | + /** |
|
| 137 | + * @var string|bool |
|
| 138 | + */ |
|
| 139 | + $buf = ''; |
|
| 140 | 140 | |
| 141 | - /** |
|
| 142 | - * We use fread() in a loop to protect against partial reads |
|
| 143 | - */ |
|
| 144 | - do { |
|
| 145 | - /** |
|
| 146 | - * @var string|bool |
|
| 147 | - */ |
|
| 148 | - $read = fread($fp, $remaining); |
|
| 149 | - if (!is_string($read)) { |
|
| 150 | - /** |
|
| 151 | - * We cannot safely read from the file. Exit the |
|
| 152 | - * do-while loop and trigger the exception condition |
|
| 153 | - * |
|
| 154 | - * @var string|bool |
|
| 155 | - */ |
|
| 156 | - $buf = false; |
|
| 157 | - break; |
|
| 158 | - } |
|
| 159 | - /** |
|
| 160 | - * Decrease the number of bytes returned from remaining |
|
| 161 | - */ |
|
| 162 | - $remaining -= RandomCompat_strlen($read); |
|
| 163 | - /** |
|
| 164 | - * @var string $buf |
|
| 165 | - */ |
|
| 166 | - $buf .= $read; |
|
| 167 | - } while ($remaining > 0); |
|
| 141 | + /** |
|
| 142 | + * We use fread() in a loop to protect against partial reads |
|
| 143 | + */ |
|
| 144 | + do { |
|
| 145 | + /** |
|
| 146 | + * @var string|bool |
|
| 147 | + */ |
|
| 148 | + $read = fread($fp, $remaining); |
|
| 149 | + if (!is_string($read)) { |
|
| 150 | + /** |
|
| 151 | + * We cannot safely read from the file. Exit the |
|
| 152 | + * do-while loop and trigger the exception condition |
|
| 153 | + * |
|
| 154 | + * @var string|bool |
|
| 155 | + */ |
|
| 156 | + $buf = false; |
|
| 157 | + break; |
|
| 158 | + } |
|
| 159 | + /** |
|
| 160 | + * Decrease the number of bytes returned from remaining |
|
| 161 | + */ |
|
| 162 | + $remaining -= RandomCompat_strlen($read); |
|
| 163 | + /** |
|
| 164 | + * @var string $buf |
|
| 165 | + */ |
|
| 166 | + $buf .= $read; |
|
| 167 | + } while ($remaining > 0); |
|
| 168 | 168 | |
| 169 | - /** |
|
| 170 | - * Is our result valid? |
|
| 171 | - * @var string|bool $buf |
|
| 172 | - */ |
|
| 173 | - if (is_string($buf)) { |
|
| 174 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 175 | - /** |
|
| 176 | - * Return our random entropy buffer here: |
|
| 177 | - */ |
|
| 178 | - return $buf; |
|
| 179 | - } |
|
| 180 | - } |
|
| 181 | - } |
|
| 169 | + /** |
|
| 170 | + * Is our result valid? |
|
| 171 | + * @var string|bool $buf |
|
| 172 | + */ |
|
| 173 | + if (is_string($buf)) { |
|
| 174 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 175 | + /** |
|
| 176 | + * Return our random entropy buffer here: |
|
| 177 | + */ |
|
| 178 | + return $buf; |
|
| 179 | + } |
|
| 180 | + } |
|
| 181 | + } |
|
| 182 | 182 | |
| 183 | - /** |
|
| 184 | - * If we reach here, PHP has failed us. |
|
| 185 | - */ |
|
| 186 | - throw new Exception( |
|
| 187 | - 'Error reading from source device' |
|
| 188 | - ); |
|
| 189 | - } |
|
| 183 | + /** |
|
| 184 | + * If we reach here, PHP has failed us. |
|
| 185 | + */ |
|
| 186 | + throw new Exception( |
|
| 187 | + 'Error reading from source device' |
|
| 188 | + ); |
|
| 189 | + } |
|
| 190 | 190 | } |
@@ -26,11 +26,13 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!defined('RANDOM_COMPAT_READ_BUFFER')) { |
|
| 29 | +if (!defined('RANDOM_COMPAT_READ_BUFFER')) |
|
| 30 | +{ |
|
| 30 | 31 | define('RANDOM_COMPAT_READ_BUFFER', 8); |
| 31 | 32 | } |
| 32 | 33 | |
| 33 | -if (!is_callable('random_bytes')) { |
|
| 34 | +if (!is_callable('random_bytes')) |
|
| 35 | +{ |
|
| 34 | 36 | /** |
| 35 | 37 | * Unless open_basedir is enabled, use /dev/urandom for |
| 36 | 38 | * random numbers in accordance with best practices |
@@ -53,7 +55,8 @@ discard block |
||
| 53 | 55 | /** |
| 54 | 56 | * This block should only be run once |
| 55 | 57 | */ |
| 56 | - if (empty($fp)) { |
|
| 58 | + if (empty($fp)) |
|
| 59 | + { |
|
| 57 | 60 | /** |
| 58 | 61 | * We don't want to ever read C:\dev\random, only /dev/urandom on |
| 59 | 62 | * Unix-like operating systems. While we guard against this |
@@ -64,8 +67,10 @@ discard block |
||
| 64 | 67 | * like operating system (which means the directory separator is set |
| 65 | 68 | * to "/" not "\". |
| 66 | 69 | */ |
| 67 | - if (DIRECTORY_SEPARATOR === '/') { |
|
| 68 | - if (!is_readable('/dev/urandom')) { |
|
| 70 | + if (DIRECTORY_SEPARATOR === '/') |
|
| 71 | + { |
|
| 72 | + if (!is_readable('/dev/urandom')) |
|
| 73 | + { |
|
| 69 | 74 | throw new Exception( |
| 70 | 75 | 'Environment misconfiguration: ' . |
| 71 | 76 | '/dev/urandom cannot be read.' |
@@ -77,17 +82,20 @@ discard block |
||
| 77 | 82 | */ |
| 78 | 83 | /** @var resource|bool $fp */ |
| 79 | 84 | $fp = fopen('/dev/urandom', 'rb'); |
| 80 | - if (is_resource($fp)) { |
|
| 85 | + if (is_resource($fp)) |
|
| 86 | + { |
|
| 81 | 87 | /** @var array<string, int> $st */ |
| 82 | 88 | $st = fstat($fp); |
| 83 | - if (($st['mode'] & 0170000) !== 020000) { |
|
| 89 | + if (($st['mode'] & 0170000) !== 020000) |
|
| 90 | + { |
|
| 84 | 91 | fclose($fp); |
| 85 | 92 | $fp = false; |
| 86 | 93 | } |
| 87 | 94 | } |
| 88 | 95 | } |
| 89 | 96 | |
| 90 | - if (is_resource($fp)) { |
|
| 97 | + if (is_resource($fp)) |
|
| 98 | + { |
|
| 91 | 99 | /** |
| 92 | 100 | * stream_set_read_buffer() does not exist in HHVM |
| 93 | 101 | * |
@@ -96,25 +104,31 @@ discard block |
||
| 96 | 104 | * |
| 97 | 105 | * stream_set_read_buffer returns 0 on success |
| 98 | 106 | */ |
| 99 | - if (is_callable('stream_set_read_buffer')) { |
|
| 107 | + if (is_callable('stream_set_read_buffer')) |
|
| 108 | + { |
|
| 100 | 109 | stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
| 101 | 110 | } |
| 102 | - if (is_callable('stream_set_chunk_size')) { |
|
| 111 | + if (is_callable('stream_set_chunk_size')) |
|
| 112 | + { |
|
| 103 | 113 | stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
| 104 | 114 | } |
| 105 | 115 | } |
| 106 | 116 | } |
| 107 | 117 | |
| 108 | - try { |
|
| 118 | + try |
|
| 119 | + { |
|
| 109 | 120 | /** @var int $bytes */ |
| 110 | 121 | $bytes = RandomCompat_intval($bytes); |
| 111 | - } catch (TypeError $ex) { |
|
| 122 | + } |
|
| 123 | + catch (TypeError $ex) |
|
| 124 | + { |
|
| 112 | 125 | throw new TypeError( |
| 113 | 126 | 'random_bytes(): $bytes must be an integer' |
| 114 | 127 | ); |
| 115 | 128 | } |
| 116 | 129 | |
| 117 | - if ($bytes < 1) { |
|
| 130 | + if ($bytes < 1) |
|
| 131 | + { |
|
| 118 | 132 | throw new Error( |
| 119 | 133 | 'Length must be greater than 0' |
| 120 | 134 | ); |
@@ -127,7 +141,8 @@ discard block |
||
| 127 | 141 | * if (empty($fp)) line is logic that should only be run once per |
| 128 | 142 | * page load. |
| 129 | 143 | */ |
| 130 | - if (is_resource($fp)) { |
|
| 144 | + if (is_resource($fp)) |
|
| 145 | + { |
|
| 131 | 146 | /** |
| 132 | 147 | * @var int |
| 133 | 148 | */ |
@@ -146,7 +161,8 @@ discard block |
||
| 146 | 161 | * @var string|bool |
| 147 | 162 | */ |
| 148 | 163 | $read = fread($fp, $remaining); |
| 149 | - if (!is_string($read)) { |
|
| 164 | + if (!is_string($read)) |
|
| 165 | + { |
|
| 150 | 166 | /** |
| 151 | 167 | * We cannot safely read from the file. Exit the |
| 152 | 168 | * do-while loop and trigger the exception condition |
@@ -170,8 +186,10 @@ discard block |
||
| 170 | 186 | * Is our result valid? |
| 171 | 187 | * @var string|bool $buf |
| 172 | 188 | */ |
| 173 | - if (is_string($buf)) { |
|
| 174 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 189 | + if (is_string($buf)) |
|
| 190 | + { |
|
| 191 | + if (RandomCompat_strlen($buf) === $bytes) |
|
| 192 | + { |
|
| 175 | 193 | /** |
| 176 | 194 | * Return our random entropy buffer here: |
| 177 | 195 | */ |
