diff options
author | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-06-25 11:39:19 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-06-25 11:58:20 +0200 |
commit | 0f994df357c3aa9d7a29cca711cb5f6d29a4b614 (patch) | |
tree | 48b5d831294b1742857dcb3f8c742e60d5e89279 /web/html/passreset.php | |
parent | e686b495a86fd7d1fd537dea56fa9b9e148045f7 (diff) | |
download | aurweb-0f994df357c3aa9d7a29cca711cb5f6d29a4b614.tar.xz |
Simplify session ID generation
There was too much voodoo going on in new_sid(). Just use uniqid() with
a random seed and the optional entropy parameter to generate MD5 input.
Use the remote IP address as a salt to reduce the chance of two clients
getting the same ID if they login at exactly the same time.
Thanks-to: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html/passreset.php')
0 files changed, 0 insertions, 0 deletions