From 4bfc3b28eaa5aca9d00c03394442ac72d9ac4bb8 Mon Sep 17 00:00:00 2001 From: Lucian Sirbu Date: Tue, 9 Apr 2019 15:50:00 +0300 Subject: Remove unnecessary srand() calls srand() should not be called manually, unless one has a better way to initialise the already-initialised random seed. The way the current srand() call is made is buggy, and will lead to duplicate random seeds if called often enough. Because the current call will lose the timestamp part, and will only use the first 6 chars from the current microsecond, but the system might not have a high-enough timer resolution, so the actual pool of random seeds gets even smaller. Fixes #532 Signed-off-by: Damien Regad --- session/crypt.inc.php | 5 ----- session/old/crypt.inc.php | 2 -- 2 files changed, 7 deletions(-) (limited to 'session') diff --git a/session/crypt.inc.php b/session/crypt.inc.php index 1468cb1a..94aa2831 100644 --- a/session/crypt.inc.php +++ b/session/crypt.inc.php @@ -16,7 +16,6 @@ class MD5Crypt{ function Encrypt($txt,$key) { - srand((double)microtime()*1000000); $encrypt_key = md5(rand(0,32000)); $ctr=0; $tmp = ""; @@ -45,7 +44,6 @@ class MD5Crypt{ function RandPass() { $randomPassword = ""; - srand((double)microtime()*1000000); for($i=0;$i<8;$i++) { $randnumber = rand(48,120); @@ -83,7 +81,6 @@ class SHA1Crypt{ function Encrypt($txt,$key) { - srand((double)microtime()*1000000); $encrypt_key = sha1(rand(0,32000)); $ctr=0; $tmp = ""; @@ -133,8 +130,6 @@ class SHA1Crypt{ function RandPass() { $randomPassword = ""; - srand((double)microtime()*1000000); - for($i=0;$i<8;$i++) { diff --git a/session/old/crypt.inc.php b/session/old/crypt.inc.php index 9c347db0..1ce75feb 100644 --- a/session/old/crypt.inc.php +++ b/session/old/crypt.inc.php @@ -16,7 +16,6 @@ class MD5Crypt{ function Encrypt($txt,$key) { - srand((double)microtime()*1000000); $encrypt_key = md5(rand(0,32000)); $ctr=0; $tmp = ""; @@ -45,7 +44,6 @@ class MD5Crypt{ function RandPass() { $randomPassword = ""; - srand((double)microtime()*1000000); for($i=0;$i<8;$i++) { $randnumber = rand(48,120); -- cgit v1.3