mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
BUGFIX Using RandomGenerator class in PasswordEncryptor->salt()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@114503 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
8b220b923a
commit
1dddd5252d
@ -81,16 +81,17 @@ abstract class PasswordEncryptor {
|
||||
|
||||
/**
|
||||
* Return a string value stored in the {@link Member->Salt} property.
|
||||
* By default uses sha1() and mt_rand();
|
||||
*
|
||||
* Note: Only used when {@link Security::$useSalt} is TRUE.
|
||||
*
|
||||
* @uses RandomGenerator
|
||||
*
|
||||
* @param String $password Cleartext password
|
||||
* @param Member $member (Optional)
|
||||
* @return String Maximum of 50 characters
|
||||
*/
|
||||
function salt($password, $member = null) {
|
||||
return substr(sha1(mt_rand()) . time(), 0, 50);
|
||||
$generator = new RandomGenerator();
|
||||
return substr($generator->generateHash('sha1'), 0, 50);
|
||||
}
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user