From 39e2b003129be3cd078b464f94522255f1f3c37f Mon Sep 17 00:00:00 2001 From: Kazuki Przyborowski Date: Wed, 21 Apr 2010 02:48:27 +0000 Subject: [PATCH] Small update to uuid generator. git-svn-id: svn://svn.code.sf.net/p/intdb/svn/trunk@468 2b68903e-0b30-0410-9a39-a2e4f3c5be39 --- inc/admin/main.php | 11 +++++--- inc/events.php | 4 +-- inc/function.php | 77 ++++++++++++++++++++++++++++---------------------- inc/members.php | 6 ++-- inc/misc/functions.php | 25 ++++++++++++++-- inc/pm.php | 4 +-- inc/replies.php | 8 +++--- inc/topics.php | 4 +-- inc/versioninfo.php | 6 ++-- setup/mkconfig.php | 4 +-- 10 files changed, 91 insertions(+), 58 deletions(-) diff --git a/inc/admin/main.php b/inc/admin/main.php index c2b2b1c..6c0feca 100644 --- a/inc/admin/main.php +++ b/inc/admin/main.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: main.php - Last Update: 04/06/2010 SVN 463 - Author: cooldude2k $ + $FileInfo: main.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="main.php"||$File3Name=="/main.php") { @@ -270,6 +270,9 @@ $AdminCheckURL = url_maker($exfile['admin'],$Settings['file_ext'],"act=vercheck& ?> Forum Software Version:  " onclick="window.open(this.href);return false;">Version Check: Click to see more info. + + Forum UUID: + Version Checker: #iverinfo" onclick="idbvercheck(); document.getElementById('clickhere').style.display = 'none';">Click Here @@ -519,7 +522,7 @@ if ($handle = opendir($skindir)) { $dirnum = null; $_SESSION['UserGroup']!=$Settings['GuestGroup']&&$GroupInfo['HasAdminCP']=="yes") { $_POST = array_map("rsq", $_POST); if(!isset($Settings['BoardUUID'])||$Settings['BoardUUID']===null) { - $Settings['BoardUUID'] = uuid(false,true,false,$Settings['use_hashtype'],null); } + $Settings['BoardUUID'] = rand_uuid("rand"); } $Settings['board_name'] = htmlspecialchars($Settings['board_name'], ENT_QUOTES, $Settings['charset']); $Settings['board_name'] = fixbamps($Settings['board_name']); $Settings['board_name'] = remove_spaces($Settings['board_name']); @@ -687,7 +690,7 @@ require('settings.php'); $admincptitle = " ".$ThemeSet['TitleDivider']." Databas $GroupInfo['ViewDBInfo']=="yes") { $_POST = array_map("rsq", $_POST); if(!isset($Settings['BoardUUID'])||$Settings['BoardUUID']===null) { - $Settings['BoardUUID'] = uuid(false,true,false,$Settings['use_hashtype'],null); } + $Settings['BoardUUID'] = rand_uuid("rand"); } $Settings['board_name'] = htmlspecialchars($Settings['board_name'], ENT_QUOTES, $Settings['charset']); $Settings['board_name'] = fixbamps($Settings['board_name']); $Settings['board_name'] = remove_spaces($Settings['board_name']); @@ -838,7 +841,7 @@ require('settings.php'); $admincptitle = " ".$ThemeSet['TitleDivider']." Board I $_SESSION['UserGroup']!=$Settings['GuestGroup']&&$GroupInfo['HasAdminCP']=="yes") { $_POST = array_map("rsq", $_POST); if(!isset($Settings['BoardUUID'])||$Settings['BoardUUID']===null) { - $Settings['BoardUUID'] = uuid(false,true,false,$Settings['use_hashtype'],null); } + $Settings['BoardUUID'] = rand_uuid("rand"); } $_POST['board_name'] = htmlspecialchars($_POST['board_name'], ENT_QUOTES, $Settings['charset']); $_POST['board_name'] = fixbamps($_POST['board_name']); $_POST['board_name'] = remove_spaces($_POST['board_name']); diff --git a/inc/events.php b/inc/events.php index 9b2cc83..cac333d 100644 --- a/inc/events.php +++ b/inc/events.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: events.php - Last Update: 01/01/2010 SVN 438 - Author: cooldude2k $ + $FileInfo: events.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="events.php"||$File3Name=="/events.php") { @@ -183,7 +183,7 @@ echo url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr if($GroupInfo['CanAddEvents']=="no") { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); ob_clean(); header("Content-Type: text/plain; charset=".$Settings['charset']); gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); } -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
">Board index">Making a Event
diff --git a/inc/function.php b/inc/function.php index 06a684a..b48d8ac 100644 --- a/inc/function.php +++ b/inc/function.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: function.php - Last Update: 04/12/2010 SVN 466 - Author: cooldude2k $ + $FileInfo: function.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="function.php"||$File3Name=="/function.php") { @@ -62,46 +62,57 @@ $REFERERurl = null; function output_error($message, $level=E_USER_ERROR) { $caller = next(debug_backtrace()); trigger_error($message.' in '.$caller['function'].' called from '.$caller['file'].' on line '.$caller['line'].''."\n
error handler", $level); } -// http://www.ajaxray.com/blog/2008/02/06/php-uuid-generator-function/ +// http://us.php.net/manual/en/function.uniqid.php#94959 /** * Generates an UUID * - * @author Anis uddin Ahmad - * @param string an optional prefix - * @return string the formatted uuid + * @author Andrew Moore + * @url http://us.php.net/manual/en/function.uniqid.php#94959 */ - function uuid($useold = false,$more_entropy = false,$mtrand = false,$hash = 'sha1',$prefix = '') - { - if($useold===true&&$mtrand===false) { +function uuid($uuidver = "v4", $rndty = "rand", $namespace = null, $name = null) { +if($uuidver!="v3"&&$uuidver!="v4"&&$uuidver!="v5") { $uuidver = "v4"; } +if($uuidver=="v4") { + return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x', + $rndty(0, 0xffff), $rndty(0, 0xffff), + $rndty(0, 0xffff), + $rndty(0, 0x0fff) | 0x4000, + $rndty(0, 0x3fff) | 0x8000, + $rndty(0, 0xffff), $rndty(0, 0xffff), $rndty(0, 0xffff) ); } +if($uuidver=="v3"||$uuidver=="v5") { + if($namespace===null) { + $namespace = uuid("v4",$rndty); } + $nhex = str_replace(array('-','{','}'), '', $namespace); + $nstr = ''; + for($i = 0; $i < strlen($nhex); $i+=2) { + $nstr .= chr(hexdec($nhex[$i].$nhex[$i+1])); + } + if($name===null) { $name = salt_hmac(); } + // Calculate hash value + if($uuidver=="v3") { + $uuidverid = 0x3000; if (function_exists('hash')) { - $prehash = hash($hash, rand()); } + $hash = hash("md5", $nstr . $name); } if (!function_exists('hash')) { - $prehash = $hash(rand()); } - $chars = uniqid($hash(rand()),$more_entropy); } - if($useold===false&&$mtrand===false) { + $hash = md5($nstr . $name); } } + if($uuidver=="v5") { + $uuidverid = 0x5000; if (function_exists('hash')) { - $chars = hash($hash, uniqid(rand(),$more_entropy)); } + $hash = hash("sha1", $nstr . $name); } if (!function_exists('hash')) { - $chars = $hash(uniqid(rand(),$more_entropy)); } } - if($useold===true&&$mtrand===true) { - if (function_exists('hash')) { - $prehash = hash($hash, mt_rand()); } - if (!function_exists('hash')) { - $prehash = $hash(mt_rand()); } - $chars = uniqid($hash(mt_rand()),$more_entropy); } - if($useold===false&&$mtrand===true) { - if (function_exists('hash')) { - $chars = hash($hash, uniqid(mt_rand(),$more_entropy)); } - if (!function_exists('hash')) { - $chars = $hash(uniqid(mt_rand(),$more_entropy)); } } - $uuid = substr($chars,0,8) . '-'; - $uuid .= substr($chars,8,4) . '-'; - $uuid .= substr($chars,12,4) . '-'; - $uuid .= substr($chars,16,4) . '-'; - $uuid .= substr($chars,20,12); - if(isset($prefix)) { return $prefix . $uuid; } - if(!isset($prefix)) { return $uuid; } - } + $hash = sha1($nstr . $name); } } + return sprintf('%08s-%04s-%04x-%04x-%12s', + substr($hash, 0, 8), + substr($hash, 8, 4), + (hexdec(substr($hash, 12, 4)) & 0x0fff) | $uuidverid, + (hexdec(substr($hash, 16, 4)) & 0x3fff) | 0x8000, + substr($hash, 20, 12) ); } } +function rand_uuid($rndty = "rand", $namespace = null, $name = null) { +$rand_array = array(1 => "v3", 2 => "v4", 3 => "v5"); +if($name===null) { $name = salt_hmac(); } +$my_uuid = $rand_array[$rndty(1,3)]; +if($my_uuid=="v4") { return uuid("v4",$rndty); } +if($my_uuid=="v3"||$my_uuid=="v5") { +return uuid($my_uuid,$rndty,$name); } } // unserialize sessions variables function unserialize_session($data) { $vars=preg_split('/([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff^|]*)\|/', diff --git a/inc/members.php b/inc/members.php index a2abbf6..bb9dfd6 100644 --- a/inc/members.php +++ b/inc/members.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: members.php - Last Update: 04/10/2010 SVN 465 - Author: cooldude2k $ + $FileInfo: members.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="members.php"||$File3Name=="/members.php") { @@ -741,7 +741,7 @@ $_SESSION['ViewingFile'] = $exfile['member']; } $_SESSION['PreViewingTitle'] = "Act: "; $_SESSION['ViewingTitle'] = "Logging in"; $membertitle = " ".$ThemeSet['TitleDivider']." Login"; -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
">Board index">Login
@@ -1022,7 +1022,7 @@ if($Settings['file_ext']=="no+ext"||$Settings['file_ext']=="no ext") { $_SESSION['ViewingFile'] = $exfile['member']; } $_SESSION['PreViewingTitle'] = "Act: "; $_SESSION['ViewingTitle'] = "Signing up"; -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
">Board index">Signup
diff --git a/inc/misc/functions.php b/inc/misc/functions.php index 0e80edb..ef881b3 100644 --- a/inc/misc/functions.php +++ b/inc/misc/functions.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: functions.php - Last Update: 04/12/2010 SVN 466 - Author: cooldude2k $ + $FileInfo: functions.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="functions.php"||$File3Name=="/functions.php") { @@ -313,6 +313,25 @@ sql_free_result($gunresult); $UsersInfo['Name'] = $UsersName; $UsersInfo['Hidden'] = $UsersHidden; return $UsersInfo; } +if(!function_exists('hash_hmac')) { +function hash_hmac($algo, $data, $key, $raw_output = false) { + $blocksize = 64; + if (strlen($key)>$blocksize) { + if (function_exists('hash')) { + $key=pack('H*',hash($hash, $key)); } + if (!function_exists('hash')) { + $key=pack('H*',$hash($key)); } } + $key=str_pad($key, $blocksize, chr(0x00)); + $ipad=str_repeat(chr(0x36),$blocksize); + $opad=str_repeat(chr(0x5c),$blocksize); + return hash($algo, ($key^$opad).pack('H*',hash($algo, ($key^$ipad).$data))); } } +if(!function_exists('hash')) { +function hash($algo, $data, $raw_output = false) { +if($algo!="md5"&&$algo!="sha1") { $algo = "md5"; } +return $algo($data); } } +if(!function_exists('hash_algos')) { +function hash_algos() { +return array(0 => "md5", 1 => "sha1"); } } // hmac hash function function hmac($data,$key,$hash='sha1',$blocksize=64) { if (!function_exists('hash_hmac')) { @@ -340,8 +359,8 @@ function b64e_rot13_hmac($data,$key,$extdata,$hash='sha1',$blocksize=64) { $extdata2 = hexdec($extdata); $key = $key.$extdata2; return base64_encode(hmac($data,$key,$hash,$blocksize).$extdata); } // salt hmac hash function -function salt_hmac($size1=4,$size2=6) { -$hprand = rand(4,6); $i = 0; $hpass = ""; +function salt_hmac($size1=6,$size2=12) { +$hprand = rand($size1,$size2); $i = 0; $hpass = ""; while ($i < $hprand) { $hspsrand = rand(1,2); if($hspsrand!=1&&$hspsrand!=2) { $hspsrand=1; } diff --git a/inc/pm.php b/inc/pm.php index 79530ca..507f2d0 100644 --- a/inc/pm.php +++ b/inc/pm.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: pm.php - Last Update: 01/01/2010 SVN 438 - Author: cooldude2k $ + $FileInfo: pm.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="pm.php"||$File3Name=="/pm.php") { @@ -615,7 +615,7 @@ $QuoteDescription = "Re: ".$QuoteDescription; $QuoteTitle = str_replace("Re: ","",$QuoteTitle); $QuoteTitle = "Re: ".$QuoteTitle; $QuoteReply = null; } -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
diff --git a/inc/replies.php b/inc/replies.php index d7b256d..9f762ab 100644 --- a/inc/replies.php +++ b/inc/replies.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: replies.php - Last Update: 01/01/2010 SVN 438 - Author: cooldude2k $ + $FileInfo: replies.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="replies.php"||$File3Name=="/replies.php") { @@ -587,7 +587,7 @@ $QuoteReply = null; $QuoteDescription = null; } if($rCategoryKarmaCountView!=0&&$MyKarmaCount<$rCategoryKarmaCountView) { $QuoteReply = null; $QuoteDescription = null; } } } if($_GET['post']==null||$num<1) { $QuoteReply = null; /*$QuoteDescription = null;*/ } -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
@@ -1186,7 +1186,7 @@ if($PermissionInfo['CanEditTopicsClose'][$TopicForumID]=="no"&&$TopicClosed==1) $TopicName = remove_spaces($TopicName); if($ShowEditTopic===true) { sql_free_result($gtsresult); } -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
@@ -1608,7 +1608,7 @@ $QuoteDescription=sql_result($resultra,0,"Description"); $QuoteDescription = str_replace("Re: ","",$QuoteDescription); $QuoteDescription = "Re: ".$QuoteDescription; sql_free_result($resultra); -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
id="FastReply"> diff --git a/inc/topics.php b/inc/topics.php index ce9199b..5433d0d 100644 --- a/inc/topics.php +++ b/inc/topics.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: topics.php - Last Update: 01/01/2010 SVN 438 - Author: cooldude2k $ + $FileInfo: topics.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="topics.php"||$File3Name=="/topics.php") { @@ -513,7 +513,7 @@ redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"a if($PermissionInfo['CanMakeTopics'][$ForumID]=="no"||$CanHaveTopics=="no") { redirect("location",$basedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); ob_clean(); header("Content-Type: text/plain; charset=".$Settings['charset']); gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); } -$UFID = uuid(false,true,false,$Settings['use_hashtype'],null); +$UFID = rand_uuid("rand"); $_SESSION['UserFormID'] = $UFID; ?>
diff --git a/inc/versioninfo.php b/inc/versioninfo.php index 47764b4..10ce487 100644 --- a/inc/versioninfo.php +++ b/inc/versioninfo.php @@ -11,7 +11,7 @@ Copyright 2004-2010 iDB Support - http://idb.berlios.de/ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: versioninfo.php - Last Update: 04/14/2010 SVN 467 - Author: cooldude2k $ + $FileInfo: versioninfo.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="versioninfo.php"||$File3Name=="/versioninfo.php") { @@ -27,8 +27,8 @@ function version_info($proname,$subver,$ver,$supver,$reltype,$svnver,$showsvn) { return $return_var; } // Version number and date stuff. :P $VER1[0] = 0; $VER1[1] = 3; $VER1[2] = 8; $VERFull[1] = $VER1[0].".".$VER1[1].".".$VER1[2]; -$VER2[0] = "Alpha"; $VER2[1] = "Al"; $VER2[2] = "SVN"; $SubVerN = 467; $RName = "iDB"; $SFName = "IntDB"; -$SVNDay[0] = 04; $SVNDay[1] = 14; $SVNDay[2] = 2010; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; +$VER2[0] = "Alpha"; $VER2[1] = "Al"; $VER2[2] = "SVN"; $SubVerN = 468; $RName = "iDB"; $SFName = "IntDB"; +$SVNDay[0] = 04; $SVNDay[1] = 20; $SVNDay[2] = 2010; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; $VerInfo['iDB_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,false); $VerInfo['iDB_Ver_SVN'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,true); $VerInfo['iDB_Full_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[0],$SubVerN,false); diff --git a/setup/mkconfig.php b/setup/mkconfig.php index 4906dc1..1db2528 100644 --- a/setup/mkconfig.php +++ b/setup/mkconfig.php @@ -12,7 +12,7 @@ Copyright 2004-2010 Game Maker 2k - http://gamemaker2k.org/ iDB Installer made by Game Maker 2k - http://idb.berlios.net/ - $FileInfo: mkconfig.php - Last Update: 04/10/2010 SVN 465 - Author: cooldude2k $ + $FileInfo: mkconfig.php - Last Update: 04/20/2010 SVN 468 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="mkconfig.php"||$File3Name=="/mkconfig.php") { @@ -141,7 +141,7 @@ sql_set_charset($SQLCharset,$SQLStat); if($SQLStat===false) { $Error="Yes"; echo "
".sql_errorno($SQLStat)."\n"; } if ($Error!="Yes") { -$ServerUUID = uuid(false,true,false,$_POST['usehashtype'],null); +$ServerUUID = rand_uuid("rand"); if(!is_numeric($_POST['YourOffSet'])) { $_POST['YourOffSet'] = "0"; } if($_POST['YourOffSet']>12) { $_POST['YourOffSet'] = "12"; } if($_POST['YourOffSet']<-12) { $_POST['YourOffSet'] = "-12"; } -- 2.11.0