Remove unnecessary srand() calls

srand() should not be called manually, unless one has a better way to
initialise the already-initialised random seed.

The way the current srand() call is made is buggy, and will lead to
duplicate random seeds if called often enough. Because the current call
will lose the timestamp part, and will only use the first 6 chars from
the current microsecond, but the system might not have a high-enough
timer resolution, so the actual pool of random seeds gets even smaller.

Fixes #532

Signed-off-by: Damien Regad <dregad@mantisbt.org>

2 files changed, 0 insertions, 7 deletions

diff --git a/session/crypt.inc.php b/session/crypt.inc.php
index 1468cb1a..94aa2831 100644
--- a/session/crypt.inc.php
+++ b/session/crypt.inc.php
@@ -16,7 +16,6 @@ class MD5Crypt{
 
 		function Encrypt($txt,$key)
 		{
-				srand((double)microtime()*1000000);
 				$encrypt_key = md5(rand(0,32000));
 				$ctr=0;
 				$tmp = "";
@@ -45,7 +44,6 @@ class MD5Crypt{
 		function RandPass()
 		{
 				$randomPassword = "";
-				srand((double)microtime()*1000000);
 				for($i=0;$i<8;$i++)
 				{
 						$randnumber = rand(48,120);
@@ -83,7 +81,6 @@ class SHA1Crypt{
 		function Encrypt($txt,$key)
 		{
 
-				srand((double)microtime()*1000000);
 				$encrypt_key = sha1(rand(0,32000));
 				$ctr=0;
 				$tmp = "";
@@ -133,8 +130,6 @@ class SHA1Crypt{
 		function RandPass()
 		{
 				$randomPassword = "";
-				srand((double)microtime()*1000000);
-
 				for($i=0;$i<8;$i++)
 				{
 
diff --git a/session/old/crypt.inc.php b/session/old/crypt.inc.php
index 9c347db0..1ce75feb 100644
--- a/session/old/crypt.inc.php
+++ b/session/old/crypt.inc.php
@@ -16,7 +16,6 @@ class MD5Crypt{
 
 		function Encrypt($txt,$key)
 		{
-				srand((double)microtime()*1000000);
 				$encrypt_key = md5(rand(0,32000));
 				$ctr=0;
 				$tmp = "";
@@ -45,7 +44,6 @@ class MD5Crypt{
 		function RandPass()
 		{
 				$randomPassword = "";
-				srand((double)microtime()*1000000);
 				for($i=0;$i<8;$i++)
 				{
 						$randnumber = rand(48,120);