gravityview /
GravityView
@@ -20,16 +20,16 @@ discard block |
||
| 20 | 20 | <div id="publishing-action"> |
| 21 | 21 | <?php |
| 22 | 22 | |
| 23 | - /** |
|
| 24 | - * @filter `gravityview/edit_entry/cancel_link` Modify the cancel button link URL |
|
| 25 | - * @since 1.11.1 |
|
| 26 | - * @since 2.11 The cancel link now uses history.back() so the $back_link URL matters less. |
|
| 27 | - * @param string $back_link Existing URL of the Cancel link |
|
| 28 | - * @param array $form The Gravity Forms form |
|
| 29 | - * @param array $entry The Gravity Forms entry |
|
| 30 | - * @param int $view_id The current View ID |
|
| 31 | - */ |
|
| 32 | - $back_link = apply_filters( 'gravityview/edit_entry/cancel_link', remove_query_arg( array( 'page', 'view', 'edit' ) ), $object->form, $object->entry, $object->view_id ); |
|
| 23 | + /** |
|
| 24 | + * @filter `gravityview/edit_entry/cancel_link` Modify the cancel button link URL |
|
| 25 | + * @since 1.11.1 |
|
| 26 | + * @since 2.11 The cancel link now uses history.back() so the $back_link URL matters less. |
|
| 27 | + * @param string $back_link Existing URL of the Cancel link |
|
| 28 | + * @param array $form The Gravity Forms form |
|
| 29 | + * @param array $entry The Gravity Forms entry |
|
| 30 | + * @param int $view_id The current View ID |
|
| 31 | + */ |
|
| 32 | + $back_link = apply_filters( 'gravityview/edit_entry/cancel_link', remove_query_arg( array( 'page', 'view', 'edit' ) ), $object->form, $object->entry, $object->view_id ); |
|
| 33 | 33 | |
| 34 | 34 | /** |
| 35 | 35 | * @action `gravityview/edit-entry/publishing-action/before` Triggered before the submit buttons in the Edit Entry screen, inside the `<div id="publishing-action">` container. |
@@ -84,11 +84,11 @@ discard block |
||
| 84 | 84 | * @used-by GravityView_Delete_Entry::add_delete_button() |
| 85 | 85 | * |
| 86 | 86 | * @since 1.5.1 |
| 87 | - * @since 2.0.13 Added $post_id |
|
| 87 | + * @since 2.0.13 Added $post_id |
|
| 88 | 88 | * @param array $form The Gravity Forms form |
| 89 | 89 | * @param array $entry The Gravity Forms entry |
| 90 | 90 | * @param int $view_id The current View ID |
| 91 | - * @param int $post_id The current Post ID |
|
| 91 | + * @param int $post_id The current Post ID |
|
| 92 | 92 | */ |
| 93 | 93 | do_action( 'gravityview/edit-entry/publishing-action/after', $object->form, $object->entry, $object->view_id, $object->post_id ); |
| 94 | 94 | ?> |
@@ -27,164 +27,164 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!defined('RANDOM_COMPAT_READ_BUFFER')) { |
| 30 | - define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 30 | + define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 31 | 31 | } |
| 32 | 32 | |
| 33 | 33 | if (!is_callable('random_bytes')) { |
| 34 | - /** |
|
| 35 | - * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | - * random numbers in accordance with best practices |
|
| 37 | - * |
|
| 38 | - * Why we use /dev/urandom and not /dev/random |
|
| 39 | - * @ref https://www.2uo.de/myths-about-urandom |
|
| 40 | - * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 41 | - * |
|
| 42 | - * @param int $bytes |
|
| 43 | - * |
|
| 44 | - * @throws Exception |
|
| 45 | - * |
|
| 46 | - * @return string |
|
| 47 | - */ |
|
| 48 | - function random_bytes($bytes) |
|
| 49 | - { |
|
| 50 | - /** @var resource $fp */ |
|
| 51 | - static $fp = null; |
|
| 34 | + /** |
|
| 35 | + * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | + * random numbers in accordance with best practices |
|
| 37 | + * |
|
| 38 | + * Why we use /dev/urandom and not /dev/random |
|
| 39 | + * @ref https://www.2uo.de/myths-about-urandom |
|
| 40 | + * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 41 | + * |
|
| 42 | + * @param int $bytes |
|
| 43 | + * |
|
| 44 | + * @throws Exception |
|
| 45 | + * |
|
| 46 | + * @return string |
|
| 47 | + */ |
|
| 48 | + function random_bytes($bytes) |
|
| 49 | + { |
|
| 50 | + /** @var resource $fp */ |
|
| 51 | + static $fp = null; |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * This block should only be run once |
|
| 55 | - */ |
|
| 56 | - if (empty($fp)) { |
|
| 57 | - /** |
|
| 58 | - * We don't want to ever read C:\dev\random, only /dev/urandom on |
|
| 59 | - * Unix-like operating systems. While we guard against this |
|
| 60 | - * condition in random.php, it doesn't hurt to be defensive in depth |
|
| 61 | - * here. |
|
| 62 | - * |
|
| 63 | - * To that end, we only try to open /dev/urandom if we're on a Unix- |
|
| 64 | - * like operating system (which means the directory separator is set |
|
| 65 | - * to "/" not "\". |
|
| 66 | - */ |
|
| 67 | - if (DIRECTORY_SEPARATOR === '/') { |
|
| 68 | - if (!is_readable('/dev/urandom')) { |
|
| 69 | - throw new Exception( |
|
| 70 | - 'Environment misconfiguration: ' . |
|
| 71 | - '/dev/urandom cannot be read.' |
|
| 72 | - ); |
|
| 73 | - } |
|
| 74 | - /** |
|
| 75 | - * We use /dev/urandom if it is a char device. |
|
| 76 | - * We never fall back to /dev/random |
|
| 77 | - */ |
|
| 78 | - /** @var resource|bool $fp */ |
|
| 79 | - $fp = fopen('/dev/urandom', 'rb'); |
|
| 80 | - if (is_resource($fp)) { |
|
| 81 | - /** @var array<string, int> $st */ |
|
| 82 | - $st = fstat($fp); |
|
| 83 | - if (($st['mode'] & 0170000) !== 020000) { |
|
| 84 | - fclose($fp); |
|
| 85 | - $fp = false; |
|
| 86 | - } |
|
| 87 | - } |
|
| 88 | - } |
|
| 53 | + /** |
|
| 54 | + * This block should only be run once |
|
| 55 | + */ |
|
| 56 | + if (empty($fp)) { |
|
| 57 | + /** |
|
| 58 | + * We don't want to ever read C:\dev\random, only /dev/urandom on |
|
| 59 | + * Unix-like operating systems. While we guard against this |
|
| 60 | + * condition in random.php, it doesn't hurt to be defensive in depth |
|
| 61 | + * here. |
|
| 62 | + * |
|
| 63 | + * To that end, we only try to open /dev/urandom if we're on a Unix- |
|
| 64 | + * like operating system (which means the directory separator is set |
|
| 65 | + * to "/" not "\". |
|
| 66 | + */ |
|
| 67 | + if (DIRECTORY_SEPARATOR === '/') { |
|
| 68 | + if (!is_readable('/dev/urandom')) { |
|
| 69 | + throw new Exception( |
|
| 70 | + 'Environment misconfiguration: ' . |
|
| 71 | + '/dev/urandom cannot be read.' |
|
| 72 | + ); |
|
| 73 | + } |
|
| 74 | + /** |
|
| 75 | + * We use /dev/urandom if it is a char device. |
|
| 76 | + * We never fall back to /dev/random |
|
| 77 | + */ |
|
| 78 | + /** @var resource|bool $fp */ |
|
| 79 | + $fp = fopen('/dev/urandom', 'rb'); |
|
| 80 | + if (is_resource($fp)) { |
|
| 81 | + /** @var array<string, int> $st */ |
|
| 82 | + $st = fstat($fp); |
|
| 83 | + if (($st['mode'] & 0170000) !== 020000) { |
|
| 84 | + fclose($fp); |
|
| 85 | + $fp = false; |
|
| 86 | + } |
|
| 87 | + } |
|
| 88 | + } |
|
| 89 | 89 | |
| 90 | - if (is_resource($fp)) { |
|
| 91 | - /** |
|
| 92 | - * stream_set_read_buffer() does not exist in HHVM |
|
| 93 | - * |
|
| 94 | - * If we don't set the stream's read buffer to 0, PHP will |
|
| 95 | - * internally buffer 8192 bytes, which can waste entropy |
|
| 96 | - * |
|
| 97 | - * stream_set_read_buffer returns 0 on success |
|
| 98 | - */ |
|
| 99 | - if (is_callable('stream_set_read_buffer')) { |
|
| 100 | - stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 101 | - } |
|
| 102 | - if (is_callable('stream_set_chunk_size')) { |
|
| 103 | - stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 104 | - } |
|
| 105 | - } |
|
| 106 | - } |
|
| 90 | + if (is_resource($fp)) { |
|
| 91 | + /** |
|
| 92 | + * stream_set_read_buffer() does not exist in HHVM |
|
| 93 | + * |
|
| 94 | + * If we don't set the stream's read buffer to 0, PHP will |
|
| 95 | + * internally buffer 8192 bytes, which can waste entropy |
|
| 96 | + * |
|
| 97 | + * stream_set_read_buffer returns 0 on success |
|
| 98 | + */ |
|
| 99 | + if (is_callable('stream_set_read_buffer')) { |
|
| 100 | + stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 101 | + } |
|
| 102 | + if (is_callable('stream_set_chunk_size')) { |
|
| 103 | + stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 104 | + } |
|
| 105 | + } |
|
| 106 | + } |
|
| 107 | 107 | |
| 108 | - try { |
|
| 109 | - /** @var int $bytes */ |
|
| 110 | - $bytes = RandomCompat_intval($bytes); |
|
| 111 | - } catch (TypeError $ex) { |
|
| 112 | - throw new TypeError( |
|
| 113 | - 'random_bytes(): $bytes must be an integer' |
|
| 114 | - ); |
|
| 115 | - } |
|
| 108 | + try { |
|
| 109 | + /** @var int $bytes */ |
|
| 110 | + $bytes = RandomCompat_intval($bytes); |
|
| 111 | + } catch (TypeError $ex) { |
|
| 112 | + throw new TypeError( |
|
| 113 | + 'random_bytes(): $bytes must be an integer' |
|
| 114 | + ); |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - if ($bytes < 1) { |
|
| 118 | - throw new Error( |
|
| 119 | - 'Length must be greater than 0' |
|
| 120 | - ); |
|
| 121 | - } |
|
| 117 | + if ($bytes < 1) { |
|
| 118 | + throw new Error( |
|
| 119 | + 'Length must be greater than 0' |
|
| 120 | + ); |
|
| 121 | + } |
|
| 122 | 122 | |
| 123 | - /** |
|
| 124 | - * This if() block only runs if we managed to open a file handle |
|
| 125 | - * |
|
| 126 | - * It does not belong in an else {} block, because the above |
|
| 127 | - * if (empty($fp)) line is logic that should only be run once per |
|
| 128 | - * page load. |
|
| 129 | - */ |
|
| 130 | - if (is_resource($fp)) { |
|
| 131 | - /** |
|
| 132 | - * @var int |
|
| 133 | - */ |
|
| 134 | - $remaining = $bytes; |
|
| 123 | + /** |
|
| 124 | + * This if() block only runs if we managed to open a file handle |
|
| 125 | + * |
|
| 126 | + * It does not belong in an else {} block, because the above |
|
| 127 | + * if (empty($fp)) line is logic that should only be run once per |
|
| 128 | + * page load. |
|
| 129 | + */ |
|
| 130 | + if (is_resource($fp)) { |
|
| 131 | + /** |
|
| 132 | + * @var int |
|
| 133 | + */ |
|
| 134 | + $remaining = $bytes; |
|
| 135 | 135 | |
| 136 | - /** |
|
| 137 | - * @var string|bool |
|
| 138 | - */ |
|
| 139 | - $buf = ''; |
|
| 136 | + /** |
|
| 137 | + * @var string|bool |
|
| 138 | + */ |
|
| 139 | + $buf = ''; |
|
| 140 | 140 | |
| 141 | - /** |
|
| 142 | - * We use fread() in a loop to protect against partial reads |
|
| 143 | - */ |
|
| 144 | - do { |
|
| 145 | - /** |
|
| 146 | - * @var string|bool |
|
| 147 | - */ |
|
| 148 | - $read = fread($fp, $remaining); |
|
| 149 | - if (!is_string($read)) { |
|
| 150 | - /** |
|
| 151 | - * We cannot safely read from the file. Exit the |
|
| 152 | - * do-while loop and trigger the exception condition |
|
| 153 | - * |
|
| 154 | - * @var string|bool |
|
| 155 | - */ |
|
| 156 | - $buf = false; |
|
| 157 | - break; |
|
| 158 | - } |
|
| 159 | - /** |
|
| 160 | - * Decrease the number of bytes returned from remaining |
|
| 161 | - */ |
|
| 162 | - $remaining -= RandomCompat_strlen($read); |
|
| 163 | - /** |
|
| 164 | - * @var string $buf |
|
| 165 | - */ |
|
| 166 | - $buf .= $read; |
|
| 167 | - } while ($remaining > 0); |
|
| 141 | + /** |
|
| 142 | + * We use fread() in a loop to protect against partial reads |
|
| 143 | + */ |
|
| 144 | + do { |
|
| 145 | + /** |
|
| 146 | + * @var string|bool |
|
| 147 | + */ |
|
| 148 | + $read = fread($fp, $remaining); |
|
| 149 | + if (!is_string($read)) { |
|
| 150 | + /** |
|
| 151 | + * We cannot safely read from the file. Exit the |
|
| 152 | + * do-while loop and trigger the exception condition |
|
| 153 | + * |
|
| 154 | + * @var string|bool |
|
| 155 | + */ |
|
| 156 | + $buf = false; |
|
| 157 | + break; |
|
| 158 | + } |
|
| 159 | + /** |
|
| 160 | + * Decrease the number of bytes returned from remaining |
|
| 161 | + */ |
|
| 162 | + $remaining -= RandomCompat_strlen($read); |
|
| 163 | + /** |
|
| 164 | + * @var string $buf |
|
| 165 | + */ |
|
| 166 | + $buf .= $read; |
|
| 167 | + } while ($remaining > 0); |
|
| 168 | 168 | |
| 169 | - /** |
|
| 170 | - * Is our result valid? |
|
| 171 | - * @var string|bool $buf |
|
| 172 | - */ |
|
| 173 | - if (is_string($buf)) { |
|
| 174 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 175 | - /** |
|
| 176 | - * Return our random entropy buffer here: |
|
| 177 | - */ |
|
| 178 | - return $buf; |
|
| 179 | - } |
|
| 180 | - } |
|
| 181 | - } |
|
| 169 | + /** |
|
| 170 | + * Is our result valid? |
|
| 171 | + * @var string|bool $buf |
|
| 172 | + */ |
|
| 173 | + if (is_string($buf)) { |
|
| 174 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 175 | + /** |
|
| 176 | + * Return our random entropy buffer here: |
|
| 177 | + */ |
|
| 178 | + return $buf; |
|
| 179 | + } |
|
| 180 | + } |
|
| 181 | + } |
|
| 182 | 182 | |
| 183 | - /** |
|
| 184 | - * If we reach here, PHP has failed us. |
|
| 185 | - */ |
|
| 186 | - throw new Exception( |
|
| 187 | - 'Error reading from source device' |
|
| 188 | - ); |
|
| 189 | - } |
|
| 183 | + /** |
|
| 184 | + * If we reach here, PHP has failed us. |
|
| 185 | + */ |
|
| 186 | + throw new Exception( |
|
| 187 | + 'Error reading from source device' |
|
| 188 | + ); |
|
| 189 | + } |
|
| 190 | 190 | } |
@@ -1,204 +1,204 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (!is_callable('random_int')) { |
| 4 | - /** |
|
| 5 | - * Random_* Compatibility Library |
|
| 6 | - * for using the new PHP 7 random_* API in PHP 5 projects |
|
| 7 | - * |
|
| 8 | - * The MIT License (MIT) |
|
| 9 | - * |
|
| 10 | - * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises |
|
| 11 | - * |
|
| 12 | - * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| 13 | - * of this software and associated documentation files (the "Software"), to deal |
|
| 14 | - * in the Software without restriction, including without limitation the rights |
|
| 15 | - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
| 16 | - * copies of the Software, and to permit persons to whom the Software is |
|
| 17 | - * furnished to do so, subject to the following conditions: |
|
| 18 | - * |
|
| 19 | - * The above copyright notice and this permission notice shall be included in |
|
| 20 | - * all copies or substantial portions of the Software. |
|
| 21 | - * |
|
| 22 | - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
| 23 | - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
| 24 | - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
| 25 | - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
| 26 | - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
| 27 | - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
| 28 | - * SOFTWARE. |
|
| 29 | - */ |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * Fetch a random integer between $min and $max inclusive |
|
| 33 | - * |
|
| 34 | - * @param int $min |
|
| 35 | - * @param int $max |
|
| 36 | - * |
|
| 37 | - * @throws Exception |
|
| 38 | - * |
|
| 39 | - * @return int |
|
| 40 | - */ |
|
| 41 | - function random_int($min, $max) |
|
| 42 | - { |
|
| 43 | - /** |
|
| 44 | - * Type and input logic checks |
|
| 45 | - * |
|
| 46 | - * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 47 | - * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 48 | - * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 49 | - * lose precision, so the <= and => operators might accidentally let a float |
|
| 50 | - * through. |
|
| 51 | - */ |
|
| 52 | - |
|
| 53 | - try { |
|
| 54 | - /** @var int $min */ |
|
| 55 | - $min = RandomCompat_intval($min); |
|
| 56 | - } catch (TypeError $ex) { |
|
| 57 | - throw new TypeError( |
|
| 58 | - 'random_int(): $min must be an integer' |
|
| 59 | - ); |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - try { |
|
| 63 | - /** @var int $max */ |
|
| 64 | - $max = RandomCompat_intval($max); |
|
| 65 | - } catch (TypeError $ex) { |
|
| 66 | - throw new TypeError( |
|
| 67 | - 'random_int(): $max must be an integer' |
|
| 68 | - ); |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - /** |
|
| 72 | - * Now that we've verified our weak typing system has given us an integer, |
|
| 73 | - * let's validate the logic then we can move forward with generating random |
|
| 74 | - * integers along a given range. |
|
| 75 | - */ |
|
| 76 | - if ($min > $max) { |
|
| 77 | - throw new Error( |
|
| 78 | - 'Minimum value must be less than or equal to the maximum value' |
|
| 79 | - ); |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - if ($max === $min) { |
|
| 83 | - return (int) $min; |
|
| 84 | - } |
|
| 85 | - |
|
| 86 | - /** |
|
| 87 | - * Initialize variables to 0 |
|
| 88 | - * |
|
| 89 | - * We want to store: |
|
| 90 | - * $bytes => the number of random bytes we need |
|
| 91 | - * $mask => an integer bitmask (for use with the &) operator |
|
| 92 | - * so we can minimize the number of discards |
|
| 93 | - */ |
|
| 94 | - $attempts = $bits = $bytes = $mask = $valueShift = 0; |
|
| 95 | - /** @var int $attempts */ |
|
| 96 | - /** @var int $bits */ |
|
| 97 | - /** @var int $bytes */ |
|
| 98 | - /** @var int $mask */ |
|
| 99 | - /** @var int $valueShift */ |
|
| 100 | - |
|
| 101 | - /** |
|
| 102 | - * At this point, $range is a positive number greater than 0. It might |
|
| 103 | - * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to |
|
| 104 | - * a float and we will lose some precision. |
|
| 105 | - * |
|
| 106 | - * @var int|float $range |
|
| 107 | - */ |
|
| 108 | - $range = $max - $min; |
|
| 109 | - |
|
| 110 | - /** |
|
| 111 | - * Test for integer overflow: |
|
| 112 | - */ |
|
| 113 | - if (!is_int($range)) { |
|
| 114 | - |
|
| 115 | - /** |
|
| 116 | - * Still safely calculate wider ranges. |
|
| 117 | - * Provided by @CodesInChaos, @oittaa |
|
| 118 | - * |
|
| 119 | - * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 |
|
| 120 | - * |
|
| 121 | - * We use ~0 as a mask in this case because it generates all 1s |
|
| 122 | - * |
|
| 123 | - * @ref https://eval.in/400356 (32-bit) |
|
| 124 | - * @ref http://3v4l.org/XX9r5 (64-bit) |
|
| 125 | - */ |
|
| 126 | - $bytes = PHP_INT_SIZE; |
|
| 127 | - /** @var int $mask */ |
|
| 128 | - $mask = ~0; |
|
| 129 | - |
|
| 130 | - } else { |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * $bits is effectively ceil(log($range, 2)) without dealing with |
|
| 134 | - * type juggling |
|
| 135 | - */ |
|
| 136 | - while ($range > 0) { |
|
| 137 | - if ($bits % 8 === 0) { |
|
| 138 | - ++$bytes; |
|
| 139 | - } |
|
| 140 | - ++$bits; |
|
| 141 | - $range >>= 1; |
|
| 142 | - /** @var int $mask */ |
|
| 143 | - $mask = $mask << 1 | 1; |
|
| 144 | - } |
|
| 145 | - $valueShift = $min; |
|
| 146 | - } |
|
| 147 | - |
|
| 148 | - /** @var int $val */ |
|
| 149 | - $val = 0; |
|
| 150 | - /** |
|
| 151 | - * Now that we have our parameters set up, let's begin generating |
|
| 152 | - * random integers until one falls between $min and $max |
|
| 153 | - */ |
|
| 154 | - /** @psalm-suppress RedundantCondition */ |
|
| 155 | - do { |
|
| 156 | - /** |
|
| 157 | - * The rejection probability is at most 0.5, so this corresponds |
|
| 158 | - * to a failure probability of 2^-128 for a working RNG |
|
| 159 | - */ |
|
| 160 | - if ($attempts > 128) { |
|
| 161 | - throw new Exception( |
|
| 162 | - 'random_int: RNG is broken - too many rejections' |
|
| 163 | - ); |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - /** |
|
| 167 | - * Let's grab the necessary number of random bytes |
|
| 168 | - */ |
|
| 169 | - $randomByteString = random_bytes($bytes); |
|
| 170 | - |
|
| 171 | - /** |
|
| 172 | - * Let's turn $randomByteString into an integer |
|
| 173 | - * |
|
| 174 | - * This uses bitwise operators (<< and |) to build an integer |
|
| 175 | - * out of the values extracted from ord() |
|
| 176 | - * |
|
| 177 | - * Example: [9F] | [6D] | [32] | [0C] => |
|
| 178 | - * 159 + 27904 + 3276800 + 201326592 => |
|
| 179 | - * 204631455 |
|
| 180 | - */ |
|
| 181 | - $val &= 0; |
|
| 182 | - for ($i = 0; $i < $bytes; ++$i) { |
|
| 183 | - $val |= ord($randomByteString[$i]) << ($i * 8); |
|
| 184 | - } |
|
| 185 | - /** @var int $val */ |
|
| 186 | - |
|
| 187 | - /** |
|
| 188 | - * Apply mask |
|
| 189 | - */ |
|
| 190 | - $val &= $mask; |
|
| 191 | - $val += $valueShift; |
|
| 192 | - |
|
| 193 | - ++$attempts; |
|
| 194 | - /** |
|
| 195 | - * If $val overflows to a floating point number, |
|
| 196 | - * ... or is larger than $max, |
|
| 197 | - * ... or smaller than $min, |
|
| 198 | - * then try again. |
|
| 199 | - */ |
|
| 200 | - } while (!is_int($val) || $val > $max || $val < $min); |
|
| 201 | - |
|
| 202 | - return (int) $val; |
|
| 203 | - } |
|
| 4 | + /** |
|
| 5 | + * Random_* Compatibility Library |
|
| 6 | + * for using the new PHP 7 random_* API in PHP 5 projects |
|
| 7 | + * |
|
| 8 | + * The MIT License (MIT) |
|
| 9 | + * |
|
| 10 | + * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises |
|
| 11 | + * |
|
| 12 | + * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| 13 | + * of this software and associated documentation files (the "Software"), to deal |
|
| 14 | + * in the Software without restriction, including without limitation the rights |
|
| 15 | + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
| 16 | + * copies of the Software, and to permit persons to whom the Software is |
|
| 17 | + * furnished to do so, subject to the following conditions: |
|
| 18 | + * |
|
| 19 | + * The above copyright notice and this permission notice shall be included in |
|
| 20 | + * all copies or substantial portions of the Software. |
|
| 21 | + * |
|
| 22 | + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
| 23 | + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
| 24 | + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
| 25 | + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
| 26 | + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
| 27 | + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
| 28 | + * SOFTWARE. |
|
| 29 | + */ |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * Fetch a random integer between $min and $max inclusive |
|
| 33 | + * |
|
| 34 | + * @param int $min |
|
| 35 | + * @param int $max |
|
| 36 | + * |
|
| 37 | + * @throws Exception |
|
| 38 | + * |
|
| 39 | + * @return int |
|
| 40 | + */ |
|
| 41 | + function random_int($min, $max) |
|
| 42 | + { |
|
| 43 | + /** |
|
| 44 | + * Type and input logic checks |
|
| 45 | + * |
|
| 46 | + * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 47 | + * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 48 | + * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 49 | + * lose precision, so the <= and => operators might accidentally let a float |
|
| 50 | + * through. |
|
| 51 | + */ |
|
| 52 | + |
|
| 53 | + try { |
|
| 54 | + /** @var int $min */ |
|
| 55 | + $min = RandomCompat_intval($min); |
|
| 56 | + } catch (TypeError $ex) { |
|
| 57 | + throw new TypeError( |
|
| 58 | + 'random_int(): $min must be an integer' |
|
| 59 | + ); |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + try { |
|
| 63 | + /** @var int $max */ |
|
| 64 | + $max = RandomCompat_intval($max); |
|
| 65 | + } catch (TypeError $ex) { |
|
| 66 | + throw new TypeError( |
|
| 67 | + 'random_int(): $max must be an integer' |
|
| 68 | + ); |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + /** |
|
| 72 | + * Now that we've verified our weak typing system has given us an integer, |
|
| 73 | + * let's validate the logic then we can move forward with generating random |
|
| 74 | + * integers along a given range. |
|
| 75 | + */ |
|
| 76 | + if ($min > $max) { |
|
| 77 | + throw new Error( |
|
| 78 | + 'Minimum value must be less than or equal to the maximum value' |
|
| 79 | + ); |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + if ($max === $min) { |
|
| 83 | + return (int) $min; |
|
| 84 | + } |
|
| 85 | + |
|
| 86 | + /** |
|
| 87 | + * Initialize variables to 0 |
|
| 88 | + * |
|
| 89 | + * We want to store: |
|
| 90 | + * $bytes => the number of random bytes we need |
|
| 91 | + * $mask => an integer bitmask (for use with the &) operator |
|
| 92 | + * so we can minimize the number of discards |
|
| 93 | + */ |
|
| 94 | + $attempts = $bits = $bytes = $mask = $valueShift = 0; |
|
| 95 | + /** @var int $attempts */ |
|
| 96 | + /** @var int $bits */ |
|
| 97 | + /** @var int $bytes */ |
|
| 98 | + /** @var int $mask */ |
|
| 99 | + /** @var int $valueShift */ |
|
| 100 | + |
|
| 101 | + /** |
|
| 102 | + * At this point, $range is a positive number greater than 0. It might |
|
| 103 | + * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to |
|
| 104 | + * a float and we will lose some precision. |
|
| 105 | + * |
|
| 106 | + * @var int|float $range |
|
| 107 | + */ |
|
| 108 | + $range = $max - $min; |
|
| 109 | + |
|
| 110 | + /** |
|
| 111 | + * Test for integer overflow: |
|
| 112 | + */ |
|
| 113 | + if (!is_int($range)) { |
|
| 114 | + |
|
| 115 | + /** |
|
| 116 | + * Still safely calculate wider ranges. |
|
| 117 | + * Provided by @CodesInChaos, @oittaa |
|
| 118 | + * |
|
| 119 | + * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 |
|
| 120 | + * |
|
| 121 | + * We use ~0 as a mask in this case because it generates all 1s |
|
| 122 | + * |
|
| 123 | + * @ref https://eval.in/400356 (32-bit) |
|
| 124 | + * @ref http://3v4l.org/XX9r5 (64-bit) |
|
| 125 | + */ |
|
| 126 | + $bytes = PHP_INT_SIZE; |
|
| 127 | + /** @var int $mask */ |
|
| 128 | + $mask = ~0; |
|
| 129 | + |
|
| 130 | + } else { |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * $bits is effectively ceil(log($range, 2)) without dealing with |
|
| 134 | + * type juggling |
|
| 135 | + */ |
|
| 136 | + while ($range > 0) { |
|
| 137 | + if ($bits % 8 === 0) { |
|
| 138 | + ++$bytes; |
|
| 139 | + } |
|
| 140 | + ++$bits; |
|
| 141 | + $range >>= 1; |
|
| 142 | + /** @var int $mask */ |
|
| 143 | + $mask = $mask << 1 | 1; |
|
| 144 | + } |
|
| 145 | + $valueShift = $min; |
|
| 146 | + } |
|
| 147 | + |
|
| 148 | + /** @var int $val */ |
|
| 149 | + $val = 0; |
|
| 150 | + /** |
|
| 151 | + * Now that we have our parameters set up, let's begin generating |
|
| 152 | + * random integers until one falls between $min and $max |
|
| 153 | + */ |
|
| 154 | + /** @psalm-suppress RedundantCondition */ |
|
| 155 | + do { |
|
| 156 | + /** |
|
| 157 | + * The rejection probability is at most 0.5, so this corresponds |
|
| 158 | + * to a failure probability of 2^-128 for a working RNG |
|
| 159 | + */ |
|
| 160 | + if ($attempts > 128) { |
|
| 161 | + throw new Exception( |
|
| 162 | + 'random_int: RNG is broken - too many rejections' |
|
| 163 | + ); |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + /** |
|
| 167 | + * Let's grab the necessary number of random bytes |
|
| 168 | + */ |
|
| 169 | + $randomByteString = random_bytes($bytes); |
|
| 170 | + |
|
| 171 | + /** |
|
| 172 | + * Let's turn $randomByteString into an integer |
|
| 173 | + * |
|
| 174 | + * This uses bitwise operators (<< and |) to build an integer |
|
| 175 | + * out of the values extracted from ord() |
|
| 176 | + * |
|
| 177 | + * Example: [9F] | [6D] | [32] | [0C] => |
|
| 178 | + * 159 + 27904 + 3276800 + 201326592 => |
|
| 179 | + * 204631455 |
|
| 180 | + */ |
|
| 181 | + $val &= 0; |
|
| 182 | + for ($i = 0; $i < $bytes; ++$i) { |
|
| 183 | + $val |= ord($randomByteString[$i]) << ($i * 8); |
|
| 184 | + } |
|
| 185 | + /** @var int $val */ |
|
| 186 | + |
|
| 187 | + /** |
|
| 188 | + * Apply mask |
|
| 189 | + */ |
|
| 190 | + $val &= $mask; |
|
| 191 | + $val += $valueShift; |
|
| 192 | + |
|
| 193 | + ++$attempts; |
|
| 194 | + /** |
|
| 195 | + * If $val overflows to a floating point number, |
|
| 196 | + * ... or is larger than $max, |
|
| 197 | + * ... or smaller than $min, |
|
| 198 | + * then try again. |
|
| 199 | + */ |
|
| 200 | + } while (!is_int($val) || $val > $max || $val < $min); |
|
| 201 | + |
|
| 202 | + return (int) $val; |
|
| 203 | + } |
|
| 204 | 204 | } |
@@ -27,67 +27,67 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | - * solution. |
|
| 33 | - * |
|
| 34 | - * libsodium-php project: |
|
| 35 | - * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | - * |
|
| 37 | - * @param int $bytes |
|
| 38 | - * |
|
| 39 | - * @throws Exception |
|
| 40 | - * |
|
| 41 | - * @return string |
|
| 42 | - */ |
|
| 43 | - function random_bytes($bytes) |
|
| 44 | - { |
|
| 45 | - try { |
|
| 46 | - /** @var int $bytes */ |
|
| 47 | - $bytes = RandomCompat_intval($bytes); |
|
| 48 | - } catch (TypeError $ex) { |
|
| 49 | - throw new TypeError( |
|
| 50 | - 'random_bytes(): $bytes must be an integer' |
|
| 51 | - ); |
|
| 52 | - } |
|
| 30 | + /** |
|
| 31 | + * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | + * solution. |
|
| 33 | + * |
|
| 34 | + * libsodium-php project: |
|
| 35 | + * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | + * |
|
| 37 | + * @param int $bytes |
|
| 38 | + * |
|
| 39 | + * @throws Exception |
|
| 40 | + * |
|
| 41 | + * @return string |
|
| 42 | + */ |
|
| 43 | + function random_bytes($bytes) |
|
| 44 | + { |
|
| 45 | + try { |
|
| 46 | + /** @var int $bytes */ |
|
| 47 | + $bytes = RandomCompat_intval($bytes); |
|
| 48 | + } catch (TypeError $ex) { |
|
| 49 | + throw new TypeError( |
|
| 50 | + 'random_bytes(): $bytes must be an integer' |
|
| 51 | + ); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - if ($bytes < 1) { |
|
| 55 | - throw new Error( |
|
| 56 | - 'Length must be greater than 0' |
|
| 57 | - ); |
|
| 58 | - } |
|
| 54 | + if ($bytes < 1) { |
|
| 55 | + throw new Error( |
|
| 56 | + 'Length must be greater than 0' |
|
| 57 | + ); |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @var string |
|
| 62 | - */ |
|
| 63 | - $buf = ''; |
|
| 60 | + /** |
|
| 61 | + * @var string |
|
| 62 | + */ |
|
| 63 | + $buf = ''; |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 67 | - * generated in one invocation. |
|
| 68 | - */ |
|
| 69 | - if ($bytes > 2147483647) { |
|
| 70 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 71 | - $n = ($bytes - $i) > 1073741824 |
|
| 72 | - ? 1073741824 |
|
| 73 | - : $bytes - $i; |
|
| 74 | - $buf .= Sodium::randombytes_buf((int) $n); |
|
| 75 | - } |
|
| 76 | - } else { |
|
| 77 | - $buf .= Sodium::randombytes_buf((int) $bytes); |
|
| 78 | - } |
|
| 65 | + /** |
|
| 66 | + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 67 | + * generated in one invocation. |
|
| 68 | + */ |
|
| 69 | + if ($bytes > 2147483647) { |
|
| 70 | + for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 71 | + $n = ($bytes - $i) > 1073741824 |
|
| 72 | + ? 1073741824 |
|
| 73 | + : $bytes - $i; |
|
| 74 | + $buf .= Sodium::randombytes_buf((int) $n); |
|
| 75 | + } |
|
| 76 | + } else { |
|
| 77 | + $buf .= Sodium::randombytes_buf((int) $bytes); |
|
| 78 | + } |
|
| 79 | 79 | |
| 80 | - if (is_string($buf)) { |
|
| 81 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 82 | - return $buf; |
|
| 83 | - } |
|
| 84 | - } |
|
| 80 | + if (is_string($buf)) { |
|
| 81 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 82 | + return $buf; |
|
| 83 | + } |
|
| 84 | + } |
|
| 85 | 85 | |
| 86 | - /** |
|
| 87 | - * If we reach here, PHP has failed us. |
|
| 88 | - */ |
|
| 89 | - throw new Exception( |
|
| 90 | - 'Could not gather sufficient random data' |
|
| 91 | - ); |
|
| 92 | - } |
|
| 86 | + /** |
|
| 87 | + * If we reach here, PHP has failed us. |
|
| 88 | + */ |
|
| 89 | + throw new Exception( |
|
| 90 | + 'Could not gather sufficient random data' |
|
| 91 | + ); |
|
| 92 | + } |
|
| 93 | 93 | } |
@@ -28,50 +28,50 @@ |
||
| 28 | 28 | |
| 29 | 29 | if (!is_callable('RandomCompat_intval')) { |
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * Cast to an integer if we can, safely. |
|
| 33 | - * |
|
| 34 | - * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 35 | - * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 36 | - * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 37 | - * lose precision, so the <= and => operators might accidentally let a float |
|
| 38 | - * through. |
|
| 39 | - * |
|
| 40 | - * @param int|float $number The number we want to convert to an int |
|
| 41 | - * @param bool $fail_open Set to true to not throw an exception |
|
| 42 | - * |
|
| 43 | - * @return float|int |
|
| 44 | - * @psalm-suppress InvalidReturnType |
|
| 45 | - * |
|
| 46 | - * @throws TypeError |
|
| 47 | - */ |
|
| 48 | - function RandomCompat_intval($number, $fail_open = false) |
|
| 49 | - { |
|
| 50 | - if (is_int($number) || is_float($number)) { |
|
| 51 | - $number += 0; |
|
| 52 | - } elseif (is_numeric($number)) { |
|
| 53 | - /** @psalm-suppress InvalidOperand */ |
|
| 54 | - $number += 0; |
|
| 55 | - } |
|
| 56 | - /** @var int|float $number */ |
|
| 31 | + /** |
|
| 32 | + * Cast to an integer if we can, safely. |
|
| 33 | + * |
|
| 34 | + * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 35 | + * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 36 | + * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 37 | + * lose precision, so the <= and => operators might accidentally let a float |
|
| 38 | + * through. |
|
| 39 | + * |
|
| 40 | + * @param int|float $number The number we want to convert to an int |
|
| 41 | + * @param bool $fail_open Set to true to not throw an exception |
|
| 42 | + * |
|
| 43 | + * @return float|int |
|
| 44 | + * @psalm-suppress InvalidReturnType |
|
| 45 | + * |
|
| 46 | + * @throws TypeError |
|
| 47 | + */ |
|
| 48 | + function RandomCompat_intval($number, $fail_open = false) |
|
| 49 | + { |
|
| 50 | + if (is_int($number) || is_float($number)) { |
|
| 51 | + $number += 0; |
|
| 52 | + } elseif (is_numeric($number)) { |
|
| 53 | + /** @psalm-suppress InvalidOperand */ |
|
| 54 | + $number += 0; |
|
| 55 | + } |
|
| 56 | + /** @var int|float $number */ |
|
| 57 | 57 | |
| 58 | - if ( |
|
| 59 | - is_float($number) |
|
| 60 | - && |
|
| 61 | - $number > ~PHP_INT_MAX |
|
| 62 | - && |
|
| 63 | - $number < PHP_INT_MAX |
|
| 64 | - ) { |
|
| 65 | - $number = (int) $number; |
|
| 66 | - } |
|
| 58 | + if ( |
|
| 59 | + is_float($number) |
|
| 60 | + && |
|
| 61 | + $number > ~PHP_INT_MAX |
|
| 62 | + && |
|
| 63 | + $number < PHP_INT_MAX |
|
| 64 | + ) { |
|
| 65 | + $number = (int) $number; |
|
| 66 | + } |
|
| 67 | 67 | |
| 68 | - if (is_int($number)) { |
|
| 69 | - return (int) $number; |
|
| 70 | - } elseif (!$fail_open) { |
|
| 71 | - throw new TypeError( |
|
| 72 | - 'Expected an integer.' |
|
| 73 | - ); |
|
| 74 | - } |
|
| 75 | - return $number; |
|
| 76 | - } |
|
| 68 | + if (is_int($number)) { |
|
| 69 | + return (int) $number; |
|
| 70 | + } elseif (!$fail_open) { |
|
| 71 | + throw new TypeError( |
|
| 72 | + 'Expected an integer.' |
|
| 73 | + ); |
|
| 74 | + } |
|
| 75 | + return $number; |
|
| 76 | + } |
|
| 77 | 77 | } |
@@ -27,53 +27,53 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * Powered by ext/mcrypt (and thankfully NOT libmcrypt) |
|
| 32 | - * |
|
| 33 | - * @ref https://bugs.php.net/bug.php?id=55169 |
|
| 34 | - * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 |
|
| 35 | - * |
|
| 36 | - * @param int $bytes |
|
| 37 | - * |
|
| 38 | - * @throws Exception |
|
| 39 | - * |
|
| 40 | - * @return string |
|
| 41 | - */ |
|
| 42 | - function random_bytes($bytes) |
|
| 43 | - { |
|
| 44 | - try { |
|
| 45 | - /** @var int $bytes */ |
|
| 46 | - $bytes = RandomCompat_intval($bytes); |
|
| 47 | - } catch (TypeError $ex) { |
|
| 48 | - throw new TypeError( |
|
| 49 | - 'random_bytes(): $bytes must be an integer' |
|
| 50 | - ); |
|
| 51 | - } |
|
| 30 | + /** |
|
| 31 | + * Powered by ext/mcrypt (and thankfully NOT libmcrypt) |
|
| 32 | + * |
|
| 33 | + * @ref https://bugs.php.net/bug.php?id=55169 |
|
| 34 | + * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 |
|
| 35 | + * |
|
| 36 | + * @param int $bytes |
|
| 37 | + * |
|
| 38 | + * @throws Exception |
|
| 39 | + * |
|
| 40 | + * @return string |
|
| 41 | + */ |
|
| 42 | + function random_bytes($bytes) |
|
| 43 | + { |
|
| 44 | + try { |
|
| 45 | + /** @var int $bytes */ |
|
| 46 | + $bytes = RandomCompat_intval($bytes); |
|
| 47 | + } catch (TypeError $ex) { |
|
| 48 | + throw new TypeError( |
|
| 49 | + 'random_bytes(): $bytes must be an integer' |
|
| 50 | + ); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - if ($bytes < 1) { |
|
| 54 | - throw new Error( |
|
| 55 | - 'Length must be greater than 0' |
|
| 56 | - ); |
|
| 57 | - } |
|
| 53 | + if ($bytes < 1) { |
|
| 54 | + throw new Error( |
|
| 55 | + 'Length must be greater than 0' |
|
| 56 | + ); |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** @var string|bool $buf */ |
|
| 60 | - $buf = @mcrypt_create_iv((int) $bytes, (int) MCRYPT_DEV_URANDOM); |
|
| 61 | - if ( |
|
| 62 | - is_string($buf) |
|
| 63 | - && |
|
| 64 | - RandomCompat_strlen($buf) === $bytes |
|
| 65 | - ) { |
|
| 66 | - /** |
|
| 67 | - * Return our random entropy buffer here: |
|
| 68 | - */ |
|
| 69 | - return $buf; |
|
| 70 | - } |
|
| 59 | + /** @var string|bool $buf */ |
|
| 60 | + $buf = @mcrypt_create_iv((int) $bytes, (int) MCRYPT_DEV_URANDOM); |
|
| 61 | + if ( |
|
| 62 | + is_string($buf) |
|
| 63 | + && |
|
| 64 | + RandomCompat_strlen($buf) === $bytes |
|
| 65 | + ) { |
|
| 66 | + /** |
|
| 67 | + * Return our random entropy buffer here: |
|
| 68 | + */ |
|
| 69 | + return $buf; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - /** |
|
| 73 | - * If we reach here, PHP has failed us. |
|
| 74 | - */ |
|
| 75 | - throw new Exception( |
|
| 76 | - 'Could not gather sufficient random data' |
|
| 77 | - ); |
|
| 78 | - } |
|
| 72 | + /** |
|
| 73 | + * If we reach here, PHP has failed us. |
|
| 74 | + */ |
|
| 75 | + throw new Exception( |
|
| 76 | + 'Could not gather sufficient random data' |
|
| 77 | + ); |
|
| 78 | + } |
|
| 79 | 79 | } |
@@ -27,65 +27,65 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | - * solution. |
|
| 33 | - * |
|
| 34 | - * libsodium-php project: |
|
| 35 | - * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | - * |
|
| 37 | - * @param int $bytes |
|
| 38 | - * |
|
| 39 | - * @throws Exception |
|
| 40 | - * |
|
| 41 | - * @return string |
|
| 42 | - */ |
|
| 43 | - function random_bytes($bytes) |
|
| 44 | - { |
|
| 45 | - try { |
|
| 46 | - /** @var int $bytes */ |
|
| 47 | - $bytes = RandomCompat_intval($bytes); |
|
| 48 | - } catch (TypeError $ex) { |
|
| 49 | - throw new TypeError( |
|
| 50 | - 'random_bytes(): $bytes must be an integer' |
|
| 51 | - ); |
|
| 52 | - } |
|
| 30 | + /** |
|
| 31 | + * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | + * solution. |
|
| 33 | + * |
|
| 34 | + * libsodium-php project: |
|
| 35 | + * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | + * |
|
| 37 | + * @param int $bytes |
|
| 38 | + * |
|
| 39 | + * @throws Exception |
|
| 40 | + * |
|
| 41 | + * @return string |
|
| 42 | + */ |
|
| 43 | + function random_bytes($bytes) |
|
| 44 | + { |
|
| 45 | + try { |
|
| 46 | + /** @var int $bytes */ |
|
| 47 | + $bytes = RandomCompat_intval($bytes); |
|
| 48 | + } catch (TypeError $ex) { |
|
| 49 | + throw new TypeError( |
|
| 50 | + 'random_bytes(): $bytes must be an integer' |
|
| 51 | + ); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - if ($bytes < 1) { |
|
| 55 | - throw new Error( |
|
| 56 | - 'Length must be greater than 0' |
|
| 57 | - ); |
|
| 58 | - } |
|
| 54 | + if ($bytes < 1) { |
|
| 55 | + throw new Error( |
|
| 56 | + 'Length must be greater than 0' |
|
| 57 | + ); |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 62 | - * generated in one invocation. |
|
| 63 | - */ |
|
| 64 | - /** @var string|bool $buf */ |
|
| 65 | - if ($bytes > 2147483647) { |
|
| 66 | - $buf = ''; |
|
| 67 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 68 | - $n = ($bytes - $i) > 1073741824 |
|
| 69 | - ? 1073741824 |
|
| 70 | - : $bytes - $i; |
|
| 71 | - $buf .= \Sodium\randombytes_buf($n); |
|
| 72 | - } |
|
| 73 | - } else { |
|
| 74 | - /** @var string|bool $buf */ |
|
| 75 | - $buf = \Sodium\randombytes_buf($bytes); |
|
| 76 | - } |
|
| 60 | + /** |
|
| 61 | + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 62 | + * generated in one invocation. |
|
| 63 | + */ |
|
| 64 | + /** @var string|bool $buf */ |
|
| 65 | + if ($bytes > 2147483647) { |
|
| 66 | + $buf = ''; |
|
| 67 | + for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 68 | + $n = ($bytes - $i) > 1073741824 |
|
| 69 | + ? 1073741824 |
|
| 70 | + : $bytes - $i; |
|
| 71 | + $buf .= \Sodium\randombytes_buf($n); |
|
| 72 | + } |
|
| 73 | + } else { |
|
| 74 | + /** @var string|bool $buf */ |
|
| 75 | + $buf = \Sodium\randombytes_buf($bytes); |
|
| 76 | + } |
|
| 77 | 77 | |
| 78 | - if (is_string($buf)) { |
|
| 79 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 80 | - return $buf; |
|
| 81 | - } |
|
| 82 | - } |
|
| 78 | + if (is_string($buf)) { |
|
| 79 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 80 | + return $buf; |
|
| 81 | + } |
|
| 82 | + } |
|
| 83 | 83 | |
| 84 | - /** |
|
| 85 | - * If we reach here, PHP has failed us. |
|
| 86 | - */ |
|
| 87 | - throw new Exception( |
|
| 88 | - 'Could not gather sufficient random data' |
|
| 89 | - ); |
|
| 90 | - } |
|
| 84 | + /** |
|
| 85 | + * If we reach here, PHP has failed us. |
|
| 86 | + */ |
|
| 87 | + throw new Exception( |
|
| 88 | + 'Could not gather sufficient random data' |
|
| 89 | + ); |
|
| 90 | + } |
|
| 91 | 91 | } |
@@ -27,23 +27,23 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!class_exists('Error', false)) { |
| 30 | - // We can't really avoid making this extend Exception in PHP 5. |
|
| 31 | - class Error extends Exception |
|
| 32 | - { |
|
| 30 | + // We can't really avoid making this extend Exception in PHP 5. |
|
| 31 | + class Error extends Exception |
|
| 32 | + { |
|
| 33 | 33 | |
| 34 | - } |
|
| 34 | + } |
|
| 35 | 35 | } |
| 36 | 36 | |
| 37 | 37 | if (!class_exists('TypeError', false)) { |
| 38 | - if (is_subclass_of('Error', 'Exception')) { |
|
| 39 | - class TypeError extends Error |
|
| 40 | - { |
|
| 38 | + if (is_subclass_of('Error', 'Exception')) { |
|
| 39 | + class TypeError extends Error |
|
| 40 | + { |
|
| 41 | 41 | |
| 42 | - } |
|
| 43 | - } else { |
|
| 44 | - class TypeError extends Exception |
|
| 45 | - { |
|
| 42 | + } |
|
| 43 | + } else { |
|
| 44 | + class TypeError extends Exception |
|
| 45 | + { |
|
| 46 | 46 | |
| 47 | - } |
|
| 48 | - } |
|
| 47 | + } |
|
| 48 | + } |
|
| 49 | 49 | } |
@@ -27,169 +27,169 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('RandomCompat_strlen')) { |
| 30 | - if ( |
|
| 31 | - defined('MB_OVERLOAD_STRING') |
|
| 32 | - && |
|
| 33 | - ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 34 | - ) { |
|
| 35 | - /** |
|
| 36 | - * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 37 | - * |
|
| 38 | - * This version uses mb_strlen() in '8bit' mode to treat strings as raw |
|
| 39 | - * binary rather than UTF-8, ISO-8859-1, etc |
|
| 40 | - * |
|
| 41 | - * @param string $binary_string |
|
| 42 | - * |
|
| 43 | - * @throws TypeError |
|
| 44 | - * |
|
| 45 | - * @return int |
|
| 46 | - */ |
|
| 47 | - function RandomCompat_strlen($binary_string) |
|
| 48 | - { |
|
| 49 | - if (!is_string($binary_string)) { |
|
| 50 | - throw new TypeError( |
|
| 51 | - 'RandomCompat_strlen() expects a string' |
|
| 52 | - ); |
|
| 53 | - } |
|
| 30 | + if ( |
|
| 31 | + defined('MB_OVERLOAD_STRING') |
|
| 32 | + && |
|
| 33 | + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 34 | + ) { |
|
| 35 | + /** |
|
| 36 | + * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 37 | + * |
|
| 38 | + * This version uses mb_strlen() in '8bit' mode to treat strings as raw |
|
| 39 | + * binary rather than UTF-8, ISO-8859-1, etc |
|
| 40 | + * |
|
| 41 | + * @param string $binary_string |
|
| 42 | + * |
|
| 43 | + * @throws TypeError |
|
| 44 | + * |
|
| 45 | + * @return int |
|
| 46 | + */ |
|
| 47 | + function RandomCompat_strlen($binary_string) |
|
| 48 | + { |
|
| 49 | + if (!is_string($binary_string)) { |
|
| 50 | + throw new TypeError( |
|
| 51 | + 'RandomCompat_strlen() expects a string' |
|
| 52 | + ); |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - return (int) mb_strlen($binary_string, '8bit'); |
|
| 56 | - } |
|
| 55 | + return (int) mb_strlen($binary_string, '8bit'); |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - } else { |
|
| 59 | - /** |
|
| 60 | - * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 61 | - * |
|
| 62 | - * This version just used the default strlen() |
|
| 63 | - * |
|
| 64 | - * @param string $binary_string |
|
| 65 | - * |
|
| 66 | - * @throws TypeError |
|
| 67 | - * |
|
| 68 | - * @return int |
|
| 69 | - */ |
|
| 70 | - function RandomCompat_strlen($binary_string) |
|
| 71 | - { |
|
| 72 | - if (!is_string($binary_string)) { |
|
| 73 | - throw new TypeError( |
|
| 74 | - 'RandomCompat_strlen() expects a string' |
|
| 75 | - ); |
|
| 76 | - } |
|
| 77 | - return (int) strlen($binary_string); |
|
| 78 | - } |
|
| 79 | - } |
|
| 58 | + } else { |
|
| 59 | + /** |
|
| 60 | + * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 61 | + * |
|
| 62 | + * This version just used the default strlen() |
|
| 63 | + * |
|
| 64 | + * @param string $binary_string |
|
| 65 | + * |
|
| 66 | + * @throws TypeError |
|
| 67 | + * |
|
| 68 | + * @return int |
|
| 69 | + */ |
|
| 70 | + function RandomCompat_strlen($binary_string) |
|
| 71 | + { |
|
| 72 | + if (!is_string($binary_string)) { |
|
| 73 | + throw new TypeError( |
|
| 74 | + 'RandomCompat_strlen() expects a string' |
|
| 75 | + ); |
|
| 76 | + } |
|
| 77 | + return (int) strlen($binary_string); |
|
| 78 | + } |
|
| 79 | + } |
|
| 80 | 80 | } |
| 81 | 81 | |
| 82 | 82 | if (!is_callable('RandomCompat_substr')) { |
| 83 | 83 | |
| 84 | - if ( |
|
| 85 | - defined('MB_OVERLOAD_STRING') |
|
| 86 | - && |
|
| 87 | - ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 88 | - ) { |
|
| 89 | - /** |
|
| 90 | - * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 91 | - * |
|
| 92 | - * This version uses mb_substr() in '8bit' mode to treat strings as raw |
|
| 93 | - * binary rather than UTF-8, ISO-8859-1, etc |
|
| 94 | - * |
|
| 95 | - * @param string $binary_string |
|
| 96 | - * @param int $start |
|
| 97 | - * @param int|null $length (optional) |
|
| 98 | - * |
|
| 99 | - * @throws TypeError |
|
| 100 | - * |
|
| 101 | - * @return string |
|
| 102 | - */ |
|
| 103 | - function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 104 | - { |
|
| 105 | - if (!is_string($binary_string)) { |
|
| 106 | - throw new TypeError( |
|
| 107 | - 'RandomCompat_substr(): First argument should be a string' |
|
| 108 | - ); |
|
| 109 | - } |
|
| 84 | + if ( |
|
| 85 | + defined('MB_OVERLOAD_STRING') |
|
| 86 | + && |
|
| 87 | + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 88 | + ) { |
|
| 89 | + /** |
|
| 90 | + * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 91 | + * |
|
| 92 | + * This version uses mb_substr() in '8bit' mode to treat strings as raw |
|
| 93 | + * binary rather than UTF-8, ISO-8859-1, etc |
|
| 94 | + * |
|
| 95 | + * @param string $binary_string |
|
| 96 | + * @param int $start |
|
| 97 | + * @param int|null $length (optional) |
|
| 98 | + * |
|
| 99 | + * @throws TypeError |
|
| 100 | + * |
|
| 101 | + * @return string |
|
| 102 | + */ |
|
| 103 | + function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 104 | + { |
|
| 105 | + if (!is_string($binary_string)) { |
|
| 106 | + throw new TypeError( |
|
| 107 | + 'RandomCompat_substr(): First argument should be a string' |
|
| 108 | + ); |
|
| 109 | + } |
|
| 110 | 110 | |
| 111 | - if (!is_int($start)) { |
|
| 112 | - throw new TypeError( |
|
| 113 | - 'RandomCompat_substr(): Second argument should be an integer' |
|
| 114 | - ); |
|
| 115 | - } |
|
| 111 | + if (!is_int($start)) { |
|
| 112 | + throw new TypeError( |
|
| 113 | + 'RandomCompat_substr(): Second argument should be an integer' |
|
| 114 | + ); |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - if ($length === null) { |
|
| 118 | - /** |
|
| 119 | - * mb_substr($str, 0, NULL, '8bit') returns an empty string on |
|
| 120 | - * PHP 5.3, so we have to find the length ourselves. |
|
| 121 | - */ |
|
| 122 | - /** @var int $length */ |
|
| 123 | - $length = RandomCompat_strlen($binary_string) - $start; |
|
| 124 | - } elseif (!is_int($length)) { |
|
| 125 | - throw new TypeError( |
|
| 126 | - 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 127 | - ); |
|
| 128 | - } |
|
| 117 | + if ($length === null) { |
|
| 118 | + /** |
|
| 119 | + * mb_substr($str, 0, NULL, '8bit') returns an empty string on |
|
| 120 | + * PHP 5.3, so we have to find the length ourselves. |
|
| 121 | + */ |
|
| 122 | + /** @var int $length */ |
|
| 123 | + $length = RandomCompat_strlen($binary_string) - $start; |
|
| 124 | + } elseif (!is_int($length)) { |
|
| 125 | + throw new TypeError( |
|
| 126 | + 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 127 | + ); |
|
| 128 | + } |
|
| 129 | 129 | |
| 130 | - // Consistency with PHP's behavior |
|
| 131 | - if ($start === RandomCompat_strlen($binary_string) && $length === 0) { |
|
| 132 | - return ''; |
|
| 133 | - } |
|
| 134 | - if ($start > RandomCompat_strlen($binary_string)) { |
|
| 135 | - return ''; |
|
| 136 | - } |
|
| 130 | + // Consistency with PHP's behavior |
|
| 131 | + if ($start === RandomCompat_strlen($binary_string) && $length === 0) { |
|
| 132 | + return ''; |
|
| 133 | + } |
|
| 134 | + if ($start > RandomCompat_strlen($binary_string)) { |
|
| 135 | + return ''; |
|
| 136 | + } |
|
| 137 | 137 | |
| 138 | - return (string) mb_substr( |
|
| 139 | - (string) $binary_string, |
|
| 140 | - (int) $start, |
|
| 141 | - (int) $length, |
|
| 142 | - '8bit' |
|
| 143 | - ); |
|
| 144 | - } |
|
| 138 | + return (string) mb_substr( |
|
| 139 | + (string) $binary_string, |
|
| 140 | + (int) $start, |
|
| 141 | + (int) $length, |
|
| 142 | + '8bit' |
|
| 143 | + ); |
|
| 144 | + } |
|
| 145 | 145 | |
| 146 | - } else { |
|
| 146 | + } else { |
|
| 147 | 147 | |
| 148 | - /** |
|
| 149 | - * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 150 | - * |
|
| 151 | - * This version just uses the default substr() |
|
| 152 | - * |
|
| 153 | - * @param string $binary_string |
|
| 154 | - * @param int $start |
|
| 155 | - * @param int|null $length (optional) |
|
| 156 | - * |
|
| 157 | - * @throws TypeError |
|
| 158 | - * |
|
| 159 | - * @return string |
|
| 160 | - */ |
|
| 161 | - function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 162 | - { |
|
| 163 | - if (!is_string($binary_string)) { |
|
| 164 | - throw new TypeError( |
|
| 165 | - 'RandomCompat_substr(): First argument should be a string' |
|
| 166 | - ); |
|
| 167 | - } |
|
| 148 | + /** |
|
| 149 | + * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 150 | + * |
|
| 151 | + * This version just uses the default substr() |
|
| 152 | + * |
|
| 153 | + * @param string $binary_string |
|
| 154 | + * @param int $start |
|
| 155 | + * @param int|null $length (optional) |
|
| 156 | + * |
|
| 157 | + * @throws TypeError |
|
| 158 | + * |
|
| 159 | + * @return string |
|
| 160 | + */ |
|
| 161 | + function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 162 | + { |
|
| 163 | + if (!is_string($binary_string)) { |
|
| 164 | + throw new TypeError( |
|
| 165 | + 'RandomCompat_substr(): First argument should be a string' |
|
| 166 | + ); |
|
| 167 | + } |
|
| 168 | 168 | |
| 169 | - if (!is_int($start)) { |
|
| 170 | - throw new TypeError( |
|
| 171 | - 'RandomCompat_substr(): Second argument should be an integer' |
|
| 172 | - ); |
|
| 173 | - } |
|
| 169 | + if (!is_int($start)) { |
|
| 170 | + throw new TypeError( |
|
| 171 | + 'RandomCompat_substr(): Second argument should be an integer' |
|
| 172 | + ); |
|
| 173 | + } |
|
| 174 | 174 | |
| 175 | - if ($length !== null) { |
|
| 176 | - if (!is_int($length)) { |
|
| 177 | - throw new TypeError( |
|
| 178 | - 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 179 | - ); |
|
| 180 | - } |
|
| 175 | + if ($length !== null) { |
|
| 176 | + if (!is_int($length)) { |
|
| 177 | + throw new TypeError( |
|
| 178 | + 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 179 | + ); |
|
| 180 | + } |
|
| 181 | 181 | |
| 182 | - return (string) substr( |
|
| 183 | - (string )$binary_string, |
|
| 184 | - (int) $start, |
|
| 185 | - (int) $length |
|
| 186 | - ); |
|
| 187 | - } |
|
| 182 | + return (string) substr( |
|
| 183 | + (string )$binary_string, |
|
| 184 | + (int) $start, |
|
| 185 | + (int) $length |
|
| 186 | + ); |
|
| 187 | + } |
|
| 188 | 188 | |
| 189 | - return (string) substr( |
|
| 190 | - (string) $binary_string, |
|
| 191 | - (int) $start |
|
| 192 | - ); |
|
| 193 | - } |
|
| 194 | - } |
|
| 189 | + return (string) substr( |
|
| 190 | + (string) $binary_string, |
|
| 191 | + (int) $start |
|
| 192 | + ); |
|
| 193 | + } |
|
| 194 | + } |
|
| 195 | 195 | } |
