update util functions

2017-01-08 13:44:03 +08:00 · 2017-01-08 13:44:03 +08:00 · 1d4dca0ff3
commit 1d4dca0ff3
parent ee81077b00
3 changed files with 9 additions and 22 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@ -180,7 +180,7 @@ class AuthController extends Controller

        $uid = $user->uid;
        // generate token for password resetting
-        $token = base64_encode($user->getToken().substr(time(), 4, 6).Utils::generateRndString(16));
+        $token = base64_encode($user->getToken().substr(time(), 4, 6).str_random(16));

        $url = Option::get('site_url')."/auth/reset?uid=$uid&token=$token";

--- a/app/Services/Cipher/BaseCipher.php
+++ b/app/Services/Cipher/BaseCipher.php
@ -17,7 +17,7 @@ abstract class BaseCipher implements EncryptInterface
     */
    public function verify($password, $hash, $salt = "")
    {
-        return ($this->hash($password, $salt) === $hash);
+        return hash_equals($hash, $this->hash($password, $salt));
    }

 }
--- a/app/Services/Utils.php
+++ b/app/Services/Utils.php
@ -207,32 +207,13 @@ class Utils
        return strlen(stream_get_contents($fp));
    }

-    /**
-     * Generate random string
-     *
-     * @param  int  $length
-     * @param  bool $special_chars
-     * @return string
-     */
-    public static function generateRndString($length, $special_chars = true)
-    {
-        $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
-        if ($special_chars) $chars .= "!@#$%^&*()-_ []{}<>~`+=,.;:/?|";
-
-        $rnd_string = '';
-        for ($i = 0; $i < $length; $i++) {
-            $rnd_string .= $chars[mt_rand(0, strlen($chars) - 1)];
-        }
-        return $rnd_string;
-    }
-
    public static function getTimeFormatted($timestamp = 0)
    {
        return ($timestamp == 0) ? date('Y-m-d H:i:s') : date('Y-m-d H:i:s', $timestamp);
    }

    /**
-     * Replace content of string according to given rules
+     * Replace content of string according to given rules.
     *
     * @param  string $str
     * @param  array  $rules
@ -246,6 +227,12 @@ class Utils
        return $str;
    }

+    /**
+     * Convert error number of uploading files to human-readable text.
+     *
+     * @param  int  $errno
+     * @return string
+     */
    public static function convertUploadFileError($errno = 0)
    {
        $phpFileUploadErrors = [