make the random generation more secure

This commit is contained in:
botanic 2014-09-08 11:46:43 -07:00
parent 4c0efd1b1a
commit 6c3b6ea6f0

View file

@ -606,14 +606,16 @@ class Ticket{
public static function add_Attachment($TId,$filename,$author,$tempFile){ public static function add_Attachment($TId,$filename,$author,$tempFile){
global $FILE_STORAGE_PATH; global $FILE_STORAGE_PATH;
$length = 20; $length = mt_rand(20, 25);
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-_'; $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ$-_.+!*\'(),';
$randomString = ''; $randomString = '';
for ($i = 0; $i < $length; $i++) { for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)]; $randomString .= $characters[rand(0, strlen($characters) - 1)];
} }
$targetFile = $FILE_STORAGE_PATH . $randomString . "/" . $filename; $targetFile = $FILE_STORAGE_PATH . $randomString . "/" . $filename;
if(file_exists($targetFile)) { return self::add_Attachment($TId,$filename,$author,$tempFile); }
$ticket = new Ticket(); $ticket = new Ticket();
$ticket->load_With_TId($TId); $ticket->load_With_TId($TId);