Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

downgrade random_bytes() to work in PHP 5.6 #106

Closed
wants to merge 2 commits into from
Closed

downgrade random_bytes() to work in PHP 5.6 #106

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
508db09
downgrade random_bytes() to work in PHP 5.6
mambax7 Nov 20, 2023
748defb
removing return types, not supported in PHP 5.6
mambax7 Nov 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
157 changes: 157 additions & 0 deletions docs/changelog.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,163 @@
xmf ChangeLog
=============

Nov 20, 2023 v1.2.29
------------------
* add Random::generateSecureRandomBytes()
* replace random_bytes() with generateSecureRandomBytes() for PHP 5.6


Oct 30, 2023 v1.2.28
------------------
* Updates to library dependencies
* PHP 8.0 Error Suppression operator issues
* Handle case of no permissionHandler found
* Adds ULID support
* cosmetic and code improvements

Mar 19, 2023 v1.2.27
------------------
* Update to firebase/php-jwt 6.0.0

Apr 16, 2022 v1.2.26
------------------
* Add Xmf\Module\Helper\Permission::getItemIds($gperm_name, $gperm_groupid)
* Use new module version in XoopsCore25
* Fix issues in Xmf\Database\Tables and Xmf\Database\Migrate
* Fix some issues related to new PHP versions

May 7, 2021 v1.2.25
------------------
* add \Xmf\Module\Admin::renderNavigation() method

Mar 25, 2021 v1.2.24
------------------
* Fixes for PHP 5.3 compatibility

Feb 15, 2021 v1.2.23
------------------
* Additional fix in Debug for Kint 3.3

Feb 13, 2021 v1.2.22
------------------
* fixes in Debug for Kint 3.3

Feb 13, 2021 v1.2.21
------------------
* Library updates
* XOOPS standardization
* Minor code cleanups

Aug 18, 2020 v1.2.20
------------------
* \Xmf\Module\Helper\AbstractHelper::serializeForHelperLog() fix logging of a resource type
* Unit test updates for latest version of Webmozart\Assert

Feb 13, 2020 v1.2.19
------------------
* \Xmf\Yaml::read() eliminate PHP warning if specified file does not exist.

Dec 1, 2019 v1.2.18
------------------
* PHP 7.4 ready
* fix error in Database\Table::loadTableFromYamlFile()
* add Uuid::packAsBinary() and Uuid::unpackBinary() methods
* add Module/Helper/GenericHelper::uploadPath() and uploadUrl() methods
* add proxy support in IPAddress::fromRequest();

Mar 27, 2019 v1.2.17
------------------
- Docblock corrections

Nov 29, 2018 v1.2.16
------------------
- Fix database column quoting

Oct 1, 2018 v1.2.15
------------------
- Fix database column quoting for prefix indexes
- Add dirname() method to helper classes
- Changes Request::hasVar() default for $hash to 'default'

Mar 30, 2018 v1.2.14
------------------
- add serialization to non-scalar log data
- improved handling of custom key storage
- add some unit testing
- add roave/security-advisories requirement to catch security issues at build time
- Synchronization with XoopsCore

Nov 12, 2017 v1.2.12
------------------
- updates the supporting Kint library to version 2.2.

Nov 12, 2017 v1.2.11
------------------
- adds support for UUID generation using the Xmf\Uuid class.

Jul 24, 2017 v1.2.10
------------------
- fixes issues in Xmf\Random appearing under PHP 7.1. Xmf\Random will now avoid the mcrypt extension if at all possible, and use the native random_bytes() function in PHP 7+.

May 19, 2017 v1.2.9
------------------
- fixes issues in Xmf\Highlighter and Xmf\Metagen

May 7, 2017 v1.2.8
------------------
- add a missing option in \Xmf\Module\Helper\Permission::checkPermission()

Apr 29, 2017 v1.2.7
------------------
- fixes issue with Xmf\Metagen::generateSeoTitle

Apr 18, 2017 v1.2.6
------------------
- fixes issues with Xmf\Request::MASK_ALLOW_HTML

Apr 3, 2017 v1.2.5
------------------
- updates to kint-php/kint

Mar 6, 2017 v1.2.4
------------------
- adds Xmf\Assert

Mar 3, 2017 v1.2.3
------------------
- synchronizes some minor docblock changes

Feb 25, 2017 v1.2.2
------------------
- corrects issues with Yaml:readWrapped()

Nov 2, 2016 v1.2.0
------------------
- Separates the stop word logic from MetaGen into a new StopWords class
- Deprecates MetaGen::checkStopWords()

Sep 11, 2016 v1.1.4
------------------
- #17 Handle non-ascii text in Metagen::generateKeywords()

Aug 13, 2016 v1.1.3
------------------
- Fix #15 XoopsRequest class not found in StripSlashesRecursive method

Aug 6, 2016 v1.1.2
------------------
- Fix #13 Can't check isUserAdmin on Anonymous

Jul 28, 2016 v1.1.1
------------------
- firebase/php-jwt to 4.0.0
- Bump min PHP to 5.3.9 to allow symfony/yaml 2.8.*

Jul 14, 2016 v1.1.0
------------------
- Add Xmf\Database\Migrate class to provide schema synchronization capabilities for modules.
- Bug fixes in Xmf\Database\Tables including option to disable automatic quoting of values in update() and insert() to support using column functions instead of only scalars

01-Jun-2016 V1.0.2
------------------
- fix issues with file name validation in Xmf\Language::loadFile()
Expand Down
16 changes: 16 additions & 0 deletions src/Random.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,4 +101,20 @@ public static function generateKey($hash = 'sha512', $bytes = 128)
$token = hash($hash, $randomData);
return $token;
}

public static function generateSecureRandomBytes($length) {
if (function_exists('random_bytes')) {
return random_bytes($length);
} elseif (function_exists('openssl_random_pseudo_bytes')) {
return openssl_random_pseudo_bytes($length);
} else {
// Fallback to less secure random generation using mt_rand()
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= chr(mt_rand(0, 255));
}
return $randomString;
}
}

}
19 changes: 10 additions & 9 deletions src/Ulid.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,10 @@ class Ulid
/**
* Generate a new ULID.
*
* @param bool $upperCase
* @return string The generated ULID.
*/
public static function generate(bool $upperCase = true): string
public static function generate(bool $upperCase = true)
{
$time = self::microtimeToUlidTime(\microtime(true));
$timeChars = self::encodeTime($time);
Expand All @@ -47,7 +48,7 @@ public static function generate(bool $upperCase = true): string
*
* @return string
*/
public static function encodeTime(int $time): string
public static function encodeTime(int $time)
{
$encodingCharsArray = str_split(self::ENCODING_CHARS);
$timeChars = '';
Expand All @@ -59,10 +60,10 @@ public static function encodeTime(int $time): string
return $timeChars;
}

public static function encodeRandomness(): string
public static function encodeRandomness()
{
$encodingCharsArray = str_split(self::ENCODING_CHARS);
$randomBytes = \random_bytes(10); // 80 bits
$randomBytes = Random::generateSecureRandomBytess(10); // 80 bits
// Check if the random bytes were generated successfully.
if (false === $randomBytes) {
throw new \RuntimeException('Failed to generate random bytes');
Expand All @@ -86,7 +87,7 @@ public static function encodeRandomness(): string
*
* @return array
*/
public static function decode(string $ulid): array
public static function decode(string $ulid)
{
if (!self::isValid($ulid)) {
throw new \InvalidArgumentException('Invalid ULID string');
Expand All @@ -106,7 +107,7 @@ public static function decode(string $ulid): array
*
* @return int
*/
public static function decodeTime(string $ulid): int
public static function decodeTime(string $ulid)
{
// $encodingCharsArray = str_split(self::ENCODING_CHARS);

Expand All @@ -131,7 +132,7 @@ public static function decodeTime(string $ulid): int
*
* @return int
*/
public static function decodeRandomness(string $ulid): int
public static function decodeRandomness(string $ulid)
{
if (26 !== strlen($ulid)) {
throw new \InvalidArgumentException('Invalid ULID length'); // Changed line
Expand All @@ -158,7 +159,7 @@ public static function decodeRandomness(string $ulid): int
*
* @return bool
*/
public static function isValid(string $ulid): bool
public static function isValid(string $ulid)
{
// Check the length of the ULID string before throwing an exception.
if (26 !== strlen($ulid)) {
Expand All @@ -180,7 +181,7 @@ public static function isValid(string $ulid): bool
*
* @return int
*/
public static function microtimeToUlidTime(float $microtime): int
public static function microtimeToUlidTime(float $microtime)
{
$timestamp = $microtime * 1000000;
$unixEpoch = 946684800000000; // Microseconds since the Unix epoch.
Expand Down
2 changes: 1 addition & 1 deletion src/Uuid.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ class Uuid
*/
public static function generate()
{
$data = random_bytes(16);
$data = Random::generateSecureRandomBytes(16);

$data[6] = chr(ord($data[6]) & 0x0f | 0x40); // set version to 0100
$data[8] = chr(ord($data[8]) & 0x3f | 0x80); // set bits 6-7 to 10
Expand Down
Loading