1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/* |
4
|
|
|
* The RandomLib library for securely generating random numbers and strings in PHP |
5
|
|
|
* |
6
|
|
|
* @author Anthony Ferrara <[email protected]> |
7
|
|
|
* @copyright 2011 The Authors |
8
|
|
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License |
9
|
|
|
* @version Build @@version@@ |
10
|
|
|
*/ |
11
|
|
|
|
12
|
|
|
/** |
13
|
|
|
* The Rand Random Number Source |
14
|
|
|
* |
15
|
|
|
* This source generates low strength random numbers by using the internal |
16
|
|
|
* rand() function. By itself it is quite weak. However when combined with |
17
|
|
|
* other sources it does provide significant benefit. |
18
|
|
|
* |
19
|
|
|
* PHP version 5.3 |
20
|
|
|
* |
21
|
|
|
* @category PHPCryptLib |
22
|
|
|
* @package Random |
23
|
|
|
* @subpackage Source |
24
|
|
|
* |
25
|
|
|
* @author Anthony Ferrara <[email protected]> |
26
|
|
|
* @copyright 2011 The Authors |
27
|
|
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License |
28
|
|
|
* |
29
|
|
|
* @version Build @@version@@ |
30
|
|
|
*/ |
31
|
|
|
namespace RandomLib\Source; |
32
|
|
|
|
33
|
|
|
use SecurityLib\Strength; |
34
|
|
|
|
35
|
|
|
/** |
36
|
|
|
* The Rand Random Number Source |
37
|
|
|
* |
38
|
|
|
* This source generates low strength random numbers by using the internal |
39
|
|
|
* rand() function. By itself it is quite weak. However when combined with |
40
|
|
|
* other sources it does provide significant benefit. |
41
|
|
|
* |
42
|
|
|
* @category PHPCryptLib |
43
|
|
|
* @package Random |
44
|
|
|
* @subpackage Source |
45
|
|
|
* |
46
|
|
|
* @author Anthony Ferrara <[email protected]> |
47
|
|
|
* @codeCoverageIgnore |
48
|
|
|
*/ |
49
|
|
View Code Duplication |
class Rand extends \RandomLib\AbstractSource |
|
|
|
|
50
|
|
|
{ |
51
|
|
|
|
52
|
|
|
/** |
53
|
|
|
* Return an instance of Strength indicating the strength of the source |
54
|
|
|
* |
55
|
|
|
* @return \SecurityLib\Strength An instance of one of the strength classes |
56
|
|
|
*/ |
57
|
|
|
public static function getStrength() |
58
|
|
|
{ |
59
|
|
|
// Detect if Suhosin Hardened PHP patch is applied |
60
|
|
|
if (defined('S_ALL')) { |
61
|
|
|
return new Strength(Strength::LOW); |
62
|
|
|
} else { |
63
|
|
|
return new Strength(Strength::VERYLOW); |
64
|
|
|
} |
65
|
|
|
} |
66
|
|
|
|
67
|
|
|
/** |
68
|
|
|
* Generate a random string of the specified size |
69
|
|
|
* |
70
|
|
|
* @param int $size The size of the requested random string |
71
|
|
|
* |
72
|
|
|
* @return string A string of the requested size |
73
|
|
|
*/ |
74
|
|
|
public function generate($size) |
75
|
|
|
{ |
76
|
|
|
$result = ''; |
77
|
|
|
for ($i = 0; $i < $size; $i++) { |
78
|
|
|
$result .= chr((rand() ^ rand()) % 256); |
79
|
|
|
} |
80
|
|
|
|
81
|
|
|
return $result; |
82
|
|
|
} |
83
|
|
|
} |
84
|
|
|
|
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.