[BUGFIX] Add more entropy to uniqid 28/33328/3
authorTymoteusz Motylewski <t.motylewski@gmail.com>
Fri, 20 Jun 2014 15:13:30 +0000 (17:13 +0200)
committerMarkus Klein <klein.t3@reelworx.at>
Thu, 11 Dec 2014 00:47:01 +0000 (01:47 +0100)
uniqid() generates values based on current time,
subsequent calls may return the same value on a fast machine.

On Windows it's even worse, as uniqid()
has single-second-resolution out of the box.

Right now it is used in many places in the core,
also for creating temporary identifiers
for newly created records (in the datahandler).

The solution is to add a second parameter to
all calls (which adds more entropy).
see http://php.net/manual/en/function.uniqid.php

To make code consistent, this change adds the
 second parameter to all occurences of uniqid.

Resolves: #59701
Resolves: #58602
Resolves: #59055
Releases: master, 6.2
Change-Id: Id791556d45b4289d75411ff19ae050144fbfe51b
Reviewed-on: http://review.typo3.org/33328
Reviewed-by: Markus Klein <klein.t3@reelworx.at>
Tested-by: Markus Klein <klein.t3@reelworx.at>
35 files changed:
typo3/sysext/backend/Classes/AjaxLoginHandler.php
typo3/sysext/backend/Classes/Controller/BackendController.php
typo3/sysext/backend/Classes/Controller/EditDocumentController.php
typo3/sysext/backend/Classes/Controller/PageLayoutController.php
typo3/sysext/backend/Classes/Form/DataPreprocessor.php
typo3/sysext/backend/Classes/Form/Element/InlineElement.php
typo3/sysext/backend/Classes/Form/FormEngine.php
typo3/sysext/backend/Classes/View/PageLayoutView.php
typo3/sysext/core/Classes/Cache/Backend/FileBackend.php
typo3/sysext/core/Classes/Cache/Backend/RedisBackend.php
typo3/sysext/core/Classes/Cache/Backend/SimpleFileBackend.php
typo3/sysext/core/Classes/Core/Bootstrap.php
typo3/sysext/core/Classes/DataHandling/DataHandler.php
typo3/sysext/core/Classes/Database/DatabaseConnection.php
typo3/sysext/core/Classes/Imaging/GraphicalFunctions.php
typo3/sysext/core/Classes/Package/PackageManager.php
typo3/sysext/core/Classes/Package/UnitTestPackageManager.php
typo3/sysext/core/Classes/Resource/ResourceStorage.php
typo3/sysext/core/Classes/TypoScript/ExtendedTemplateService.php
typo3/sysext/core/Classes/Utility/File/BasicFileUtility.php
typo3/sysext/core/Classes/Utility/GeneralUtility.php
typo3/sysext/core/Tests/BaseTestCase.php
typo3/sysext/core/Tests/Functional/DataHandling/Framework/ActionService.php
typo3/sysext/form/Classes/Domain/Model/Element/SelectElement.php [deleted file]
typo3/sysext/frontend/Classes/ContentObject/FlowPlayerContentObject.php
typo3/sysext/frontend/Classes/ContentObject/QuicktimeObjectContentObject.php
typo3/sysext/frontend/Classes/ContentObject/ShockwaveFlashObjectContentObject.php
typo3/sysext/impexp/Classes/ImportExport.php
typo3/sysext/install/Classes/Controller/Action/Tool/TestSetup.php
typo3/sysext/install/Classes/FolderStructure/DirectoryNode.php
typo3/sysext/install/Classes/Service/CoreUpdateService.php
typo3/sysext/rsaauth/Classes/Backend/CommandLineBackend.php
typo3/sysext/sv/Classes/LoginFormHook.php
typo3/sysext/version/Classes/Hook/PreviewHook.php
typo3/sysext/workspaces/Classes/Controller/PreviewController.php

index 731a8fd..55a7ba9 100644 (file)
@@ -137,7 +137,7 @@ class AjaxLoginHandler {
         */
        public function getChallenge(array $parameters, \TYPO3\CMS\Core\Http\AjaxRequestHandler $parent) {
                session_start();
-               $_SESSION['login_challenge'] = md5(uniqid('') . getmypid());
+               $_SESSION['login_challenge'] = md5(uniqid('', TRUE) . getmypid());
                session_commit();
                $parent->addContent('challenge', $_SESSION['login_challenge']);
                $parent->setContentFormat('json');
index 91e9378..ab90f69 100644 (file)
@@ -474,7 +474,7 @@ class BackendController {
                        'PATH_typo3' => $pathTYPO3,
                        'PATH_typo3_enc' => rawurlencode($pathTYPO3),
                        'username' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
-                       'uniqueID' => GeneralUtility::shortMD5(uniqid('')),
+                       'uniqueID' => GeneralUtility::shortMD5(uniqid('', TRUE)),
                        'securityLevel' => $this->loginSecurityLevel,
                        'TYPO3_mainDir' => TYPO3_mainDir,
                        'pageModule' => $pageModule,
index e89fd77..203cbd6 100644 (file)
@@ -864,7 +864,7 @@ class EditDocumentController {
                                                                // 'new'
                                                                $trData->fetchRecord($table, $theUid, $cmd == 'new' ? 'new' : '');
                                                                $rec = reset($trData->regTableItems_data);
-                                                               $rec['uid'] = $cmd == 'new' ? uniqid('NEW') : $theUid;
+                                                               $rec['uid'] = $cmd == 'new' ? uniqid('NEW', TRUE) : $theUid;
                                                                if ($cmd == 'new') {
                                                                        $rec['pid'] = $theUid == 'prev' ? $thePrevUid : $theUid;
                                                                }
index e694ce9..f12b4bb 100644 (file)
@@ -759,7 +759,7 @@ class PageLayoutController {
                        reset($trData->regTableItems_data);
                        $rec = current($trData->regTableItems_data);
                        if ($uidVal == 'new') {
-                               $new_unique_uid = uniqid('NEW');
+                               $new_unique_uid = uniqid('NEW', TRUE);
                                $rec['uid'] = $new_unique_uid;
                                $rec['pid'] = (int)$ex_pid ?: $this->id;
                                $recordAccess = TRUE;
index 0f07fd8..f970bb8 100644 (file)
@@ -158,7 +158,7 @@ class DataPreprocessor {
                                                        $GLOBALS['TYPO3_DB']->sql_free_result($res);
                                                }
                                                // Finally, call renderRecord:
-                                               $this->renderRecord($table, uniqid('NEW'), $id, $newRow);
+                                               $this->renderRecord($table, uniqid('NEW', TRUE), $id, $newRow);
                                        } else {
                                                $id = (int)$id;
                                                // Fetch database values
index 895926c..280108d 100644 (file)
@@ -1536,7 +1536,7 @@ class InlineElement {
                                        if (!empty($foreignTranslationPointerField)) {
                                                $record[$foreignTranslationPointerField] = $record['uid'];
                                        }
-                                       $newId = uniqid('NEW');
+                                       $newId = uniqid('NEW', TRUE);
                                        $record['uid'] = $newId;
                                        $record['pid'] = $this->inlineFirstPid;
                                        $relatedRecords['records'][$newId] = $record;
@@ -1783,7 +1783,7 @@ class InlineElement {
         */
        public function getNewRecord($pid, $table) {
                $rec = $this->getRecord($pid, $table, $pid, 'new');
-               $rec['uid'] = uniqid('NEW');
+               $rec['uid'] = uniqid('NEW', TRUE);
                $rec['pid'] = $this->getNewRecordPid($table, $pid);
                return $rec;
        }
index eaece1d..ae48f4e 100644 (file)
@@ -1465,41 +1465,42 @@ class FormEngine {
                        if (isset($config['range']['upper'])) {
                                $dateRange .= ' upper-' . (int)$config['range']['upper'];
                        }
-                       $inputId = uniqid('tceforms-' . $class . 'field-');
+                       $inputId = uniqid('tceforms-' . $class . 'field-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-' . $class . 'field' . $dateRange;
                        $fieldAppendix = IconUtility::getSpriteIcon('actions-edit-pick-date', array(
                                'style' => 'cursor:pointer;',
                                'id' => 'picker-' . $inputId
                        ));
                } elseif (in_array('timesec', $evalList)) {
-                       $inputId = uniqid('tceforms-timesecfield-');
+                       $inputId = uniqid('tceforms-timesecfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-timesecfield';
                } elseif (in_array('year', $evalList)) {
-                       $inputId = uniqid('tceforms-yearfield-');
+                       $inputId = uniqid('tceforms-yearfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-yearfield';
                } elseif (in_array('time', $evalList)) {
-                       $inputId = uniqid('tceforms-timefield-');
+                       $inputId = uniqid('tceforms-timefield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-timefield';
                } elseif (in_array('int', $evalList)) {
-                       $inputId = uniqid('tceforms-intfield-');
+                       $inputId = uniqid('tceforms-intfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-intfield';
                } elseif (in_array('double2', $evalList)) {
-                       $inputId = uniqid('tceforms-double2field-');
+                       $inputId = uniqid('tceforms-double2field-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-double2field';
                } else {
-                       $inputId = uniqid('tceforms-textfield-');
+                       $inputId = uniqid('tceforms-textfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield';
                        if ($checkboxIsset === FALSE) {
                                $config['checkbox'] = '';
                        }
                }
                if (isset($config['wizards']['link'])) {
-                       $inputId = uniqid('tceforms-linkfield-');
+                       $inputId = uniqid('tceforms-linkfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-linkfield';
                } elseif (isset($config['wizards']['color'])) {
-                       $inputId = uniqid('tceforms-colorfield-');
+                       $inputId = uniqid('tceforms-colorfield-', TRUE);
                        $cssClasses[] = 'tceforms-textfield tceforms-colorfield';
                }
+               $inputId = str_replace('.', '', $inputId);
                if ($this->renderReadonly || $config['readOnly']) {
                        $itemFormElValue = $PA['itemFormElValue'];
                        if (in_array('date', $evalList)) {
@@ -1769,7 +1770,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                }
                                $iOnChange = implode('', $PA['fieldChangeFunc']);
                                $item .= '
-                                                       <textarea ' . 'id="' . uniqid('tceforms-textarea-') . '" ' . 'name="' . $PA['itemFormElName']
+                                                       <textarea ' . 'id="' . str_replace('.', '', uniqid('tceforms-textarea-', TRUE)) . '" ' . 'name="' . $PA['itemFormElName']
                                        . '"' . $formWidthText . $class . ' ' . 'rows="' . $rows . '" ' . 'wrap="' . $wrap . '" ' . 'onchange="'
                                        . htmlspecialchars($iOnChange) . '"' . $this->getPlaceholderAttribute($table, $field, $config, $row)
                                        . $PA['onFocus'] . '>' . GeneralUtility::formatForTextarea($PA['itemFormElValue']) . '</textarea>';
@@ -2187,7 +2188,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                if ($config['iconsInOptionTags']) {
                        $classesForSelectTag[] = 'icon-select';
                }
-               $item .= '<select' . $selectedStyle . ' id="' . uniqid('tceforms-select-') . '" name="' . $PA['itemFormElName'] . '"' . $this->insertDefStyle('select', implode(' ', $classesForSelectTag)) . ($size ? ' size="' . $size . '"' : '') . ' onchange="' . htmlspecialchars($sOnChange) . '"' . $PA['onFocus'] . $disabled . '>';
+               $item .= '<select' . $selectedStyle . ' id="' . str_replace('.', '', uniqid('tceforms-select-', TRUE)) . '" name="' . $PA['itemFormElName'] . '"' . $this->insertDefStyle('select', implode(' ', $classesForSelectTag)) . ($size ? ' size="' . $size . '"' : '') . ' onchange="' . htmlspecialchars($sOnChange) . '"' . $PA['onFocus'] . $disabled . '>';
                $item .= implode('', $opt);
                $item .= '</select>';
                // Create icon table:
@@ -2276,7 +2277,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                                $selIcon = IconUtility::getSpriteIcon('empty-empty');
                                        }
                                        // Compile row:
-                                       $rowId = uniqid('select_checkbox_row_');
+                                       $rowId = str_replace('.', '', uniqid('select_checkbox_row_', TRUE));
                                        $onClickCell = $this->elName(($PA['itemFormElName'] . '[' . $c . ']')) . '.checked=!' . $this->elName(($PA['itemFormElName'] . '[' . $c . ']')) . '.checked;';
                                        $onClick = 'this.attributes.getNamedItem("class").nodeValue = ' . $this->elName(($PA['itemFormElName'] . '[' . $c . ']')) . '.checked ? "c-selectedItem" : "c-unselectedItem";';
                                        $setAll[] = $this->elName(($PA['itemFormElName'] . '[' . $c . ']')) . '.checked=1;';
@@ -2431,7 +2432,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                $size = $config['autoSizeMax']
                        ? MathUtility::forceIntegerInRange(count($selItems) + 1, MathUtility::forceIntegerInRange($size, 1), $config['autoSizeMax'])
                        : $size;
-               $selectBox = '<select id="' . uniqid($cssPrefix) . '" name="' . $PA['itemFormElName'] . '[]"'
+               $selectBox = '<select id="' . str_replace('.', '', uniqid($cssPrefix, TRUE)) . '" name="' . $PA['itemFormElName'] . '[]"'
                        . $this->insertDefStyle('select', $cssPrefix) . ($size ? ' size="' . $size . '"' : '')
                        . ' multiple="multiple" onchange="' . htmlspecialchars($sOnChange) . '"' . $PA['onFocus']
                        . $selector_itemListStyle . $disabled . '>
@@ -2559,7 +2560,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                : $size;
                        $sOnChange = implode('', $PA['fieldChangeFunc']);
 
-                       $multiSelectId = uniqid('tceforms-multiselect-');
+                       $multiSelectId = str_replace('.', '', uniqid('tceforms-multiselect-', TRUE));
                        $itemsToSelect = '
                                <select data-relatedfieldname="' . htmlspecialchars($PA['itemFormElName']) . '" data-exclusivevalues="'
                                . htmlspecialchars($config['exclusiveKeys']) . '" id="' . $multiSelectId . '" name="' . $PA['itemFormElName'] . '_sel"'
@@ -3154,7 +3155,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                . (in_array($lArr['ISOcode'], $selectedLanguage) ? ' selected="selected"' : '') . '>'
                                . htmlspecialchars($lArr['title']) . '</option>';
                }
-               $output = '<select id="' . uniqid('tceforms-multiselect-')
+               $output = '<select id="' . str_replace('.', '', uniqid('tceforms-multiselect-', TRUE))
                        . ' class="tceforms-select tceforms-multiselect tceforms-flexlangmenu" name="' . $elName . '[]"'
                        . ($multi ? ' multiple="multiple" size="' . count($languages) . '"' : '') . '>' . implode('', $opt)
                        . '</select>';
@@ -3279,7 +3280,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                                                        $formPrefix . '[' . $key . '][el][' . $idTagPrefix . '-form]', $level + 1,
                                                                        $idTagPrefix);
                                                                // Makes a "Add new" link:
-                                                               $var = uniqid('idvar');
+                                                               $var = str_replace('.', '', uniqid('idvar', TRUE));
                                                                $replace = 'replace(/' . $idTagPrefix . '-/g,"' . $idTagPrefix . '-"+' . $var . '+"-")';
                                                                $replace .= '.replace(/(tceforms-(datetime|date)field-)/g,"$1" + (new Date()).getTime())';
                                                                $onClickInsert = 'var ' . $var . ' = "' . 'idx"+(new Date()).getTime();'
@@ -4231,7 +4232,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                        : $params['size'];
                if (!$selector) {
                        $isMultiple = $params['maxitems'] != 1 && $params['size'] != 1;
-                       $selector = '<select id="' . uniqid('tceforms-multiselect-') . '" '
+                       $selector = '<select id="' . str_replace('.', '', uniqid('tceforms-multiselect-', TRUE)) . '" '
                                . ($params['noList'] ? 'style="display: none"' : 'size="' . $sSize . '"' . $this->insertDefStyle('group', 'tceforms-multiselect'))
                                . ($isMultiple ? ' multiple="multiple"' : '')
                                . ' name="' . $fName . '_list" ' . $onFocus . $params['style'] . $disabled . '>' . implode('', $opt)
@@ -4693,7 +4694,7 @@ TBE_EDITOR.customEvalFunctions[\'' . $evalData . '\'] = function(value) {
                                                                $assignValue = $this->elName($itemName) . '.value=this.options[this.selectedIndex].value';
                                                        }
                                                        $sOnChange = $assignValue . ';this.blur();this.selectedIndex=0;' . implode('', $fieldChangeFunc);
-                                                       $outArr[] = '<select id="' . uniqid('tceforms-select-')
+                                                       $outArr[] = '<select id="' . str_replace('.', '', uniqid('tceforms-select-', TRUE))
                                                                . '" class="tceforms-select tceforms-wizardselect" name="_WIZARD' . $fName . '" onchange="'
                                                                . htmlspecialchars($sOnChange) . '">' . implode('', $opt) . '</select>';
                                                        break;
index e8d2743..fd1fc58 100644 (file)
@@ -462,8 +462,8 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
                                        $content[$key] .= '">';
                                        // Add new content at the top most position
                                        $content[$key] .= '
-                                       <div class="t3-page-ce" id="' . uniqid() . '">
-                                               <div class="t3-page-ce-dropzone" id="colpos-' . $key . '-' . 'page-' . $id . '-' . uniqid() . '">
+                                       <div class="t3-page-ce" id="' . str_replace('.', '', uniqid('', TRUE)) . '">
+                                               <div class="t3-page-ce-dropzone" id="colpos-' . $key . '-' . 'page-' . $id . '-' . uniqid('', TRUE) . '">
                                                        <div class="t3-page-ce-wrapper-new-ce">
                                                                <a href="#" onclick="' . htmlspecialchars($this->newContentElementOnClick($id, $key, $lP))
                                                                        . '" title="' . $this->getLanguageService()->getLL('newRecordHere', TRUE) . '">'
@@ -493,7 +493,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
                                                        $editUidList .= $row['uid'] . ',';
                                                        $disableMoveAndNewButtons = $this->defLangBinding && $lP > 0;
                                                        if (!$this->tt_contentConfig['languageMode']) {
-                                                               $singleElementHTML .= '<div class="t3-page-ce-dragitem" id="' . uniqid() . '">';
+                                                               $singleElementHTML .= '<div class="t3-page-ce-dragitem" id="' . str_replace('.', '', uniqid('', TRUE)) . '">';
                                                        }
                                                        $singleElementHTML .= $this->tt_content_drawHeader(
                                                                $row,
@@ -517,7 +517,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
                                                                $singleElementHTML .= '<div class="t3-page-ce">';
                                                        }
                                                        $singleElementHTML .= '<div class="t3-page-ce-dropzone" id="colpos-' . $key . '-' . 'page-' . $id .
-                                                               '-' . uniqid() . '">';
+                                                               '-' . str_replace('.', '', uniqid('', TRUE)) . '">';
                                                        // Add icon "new content element below"
                                                        if (!$disableMoveAndNewButtons) {
                                                                // New content element:
index 45620fb..e2a3a30 100644 (file)
@@ -147,7 +147,7 @@ class FileBackend extends \TYPO3\CMS\Core\Cache\Backend\SimpleFileBackend implem
                        throw new \RuntimeException(sprintf('Cannot add or modify cache entry because the backend of cache "%s" is frozen.', $this->cacheIdentifier), 1323344192);
                }
                $this->remove($entryIdentifier);
-               $temporaryCacheEntryPathAndFilename = $this->cacheDirectory . uniqid() . '.temp';
+               $temporaryCacheEntryPathAndFilename = $this->cacheDirectory . uniqid('', TRUE) . '.temp';
                $lifetime = $lifetime === NULL ? $this->defaultLifetime : $lifetime;
                $expiryTime = $lifetime === 0 ? 0 : $GLOBALS['EXEC_TIME'] + $lifetime;
                $metaData = str_pad($expiryTime, self::EXPIRYTIME_LENGTH) . implode(' ', $tags) . str_pad(strlen($data), self::DATASIZE_DIGITS);
index 2f16ba8..97b97fe 100644 (file)
@@ -475,7 +475,7 @@ class RedisBackend extends \TYPO3\CMS\Core\Cache\Backend\AbstractBackend impleme
        protected function removeIdentifierEntriesAndRelations(array $identifiers, array $tags) {
                // Set a temporary entry which holds all identifiers that need to be removed from
                // the tag to identifiers sets
-               $uniqueTempKey = 'temp:' . uniqId();
+               $uniqueTempKey = 'temp:' . uniqid('', TRUE);
                $prefixedKeysToDelete = array($uniqueTempKey);
                $prefixedIdentifierToTagsKeysToDelete = array();
                foreach ($identifiers as $identifier) {
index cee2d31..d7203b3 100644 (file)
@@ -234,7 +234,7 @@ class SimpleFileBackend extends \TYPO3\CMS\Core\Cache\Backend\AbstractBackend im
                if ($entryIdentifier === '') {
                        throw new \InvalidArgumentException('The specified entry identifier must not be empty.', 1334756736);
                }
-               $temporaryCacheEntryPathAndFilename = $this->cacheDirectory . uniqid() . '.temp';
+               $temporaryCacheEntryPathAndFilename = $this->cacheDirectory . uniqid('', TRUE) . '.temp';
                $result = file_put_contents($temporaryCacheEntryPathAndFilename, $data);
                \TYPO3\CMS\Core\Utility\GeneralUtility::fixPermissions($temporaryCacheEntryPathAndFilename);
                if ($result === FALSE) {
index 7ca6ca0..f28736a 100644 (file)
@@ -79,7 +79,7 @@ class Bootstrap {
         * @var string Application context
         */
        protected function __construct($applicationContext) {
-               $this->requestId = uniqid();
+               $this->requestId = substr(md5(uniqid('', TRUE)), 0, 13);
                $this->applicationContext = new ApplicationContext($applicationContext);
        }
 
index de2165d..87dcf91 100644 (file)
@@ -3034,7 +3034,7 @@ class DataHandler {
                                        $row = BackendUtility::getRecordWSOL($table, $uid);
                                        if (is_array($row)) {
                                                // Initializing:
-                                               $theNewID = uniqid('NEW');
+                                               $theNewID = uniqid('NEW', TRUE);
                                                $enableField = isset($GLOBALS['TCA'][$table]['ctrl']['enablecolumns']) ? $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'] : '';
                                                $headerField = $GLOBALS['TCA'][$table]['ctrl']['label'];
                                                // Getting default data:
@@ -3284,7 +3284,7 @@ class DataHandler {
         * @todo Define visibility
         */
        public function insertNewCopyVersion($table, $fieldArray, $realPid) {
-               $id = uniqid('NEW');
+               $id = uniqid('NEW', TRUE);
                // $fieldArray is set as current record.
                // The point is that when new records are created as copies with flex type fields there might be a field containing information about which DataStructure to use and without that information the flexforms cannot be correctly processed.... This should be OK since the $checkValueRecord is used by the flexform evaluation only anyways...
                $this->checkValue_currentRecord = $fieldArray;
index 9fa3359..7814790 100644 (file)
@@ -316,7 +316,7 @@ class DatabaseConnection {
         * @see exec_SELECTquery()
         */
        public function exec_SELECT_mm_query($select, $local_table, $mm_table, $foreign_table, $whereClause = '', $groupBy = '', $orderBy = '', $limit = '') {
-               $foreign_table_as = $foreign_table == $local_table ? $foreign_table . uniqid('_join') : '';
+               $foreign_table_as = $foreign_table == $local_table ? $foreign_table . str_replace('.', '', uniqid('_join', TRUE)) : '';
                $mmWhere = $local_table ? $local_table . '.uid=' . $mm_table . '.uid_local' : '';
                $mmWhere .= ($local_table and $foreign_table) ? ' AND ' : '';
                $tables = ($local_table ? $local_table . ',' : '') . $mm_table;
index 8db6841..47e6c42 100644 (file)
@@ -2003,7 +2003,7 @@ class GraphicalFunctions {
         */
        public function randomName() {
                $this->createTempSubDir('temp/');
-               return $this->tempPath . 'temp/' . md5(uniqid(''));
+               return $this->tempPath . 'temp/' . md5(uniqid('', TRUE));
        }
 
        /**
index dfe8861..cfe9717 100644 (file)
@@ -209,7 +209,7 @@ class PackageManager extends \TYPO3\Flow\Package\PackageManager implements \TYPO
                $cacheEntryIdentifier = $this->getCacheEntryIdentifier();
                if ($cacheEntryIdentifier !== NULL && !$this->coreCache->has($cacheEntryIdentifier)) {
                        // Package objects get their own cache entry, so PHP does not have to parse the serialized string
-                       $packageObjectsCacheEntryIdentifier = uniqid('PackageObjects_');
+                       $packageObjectsCacheEntryIdentifier = str_replace('.', '', uniqid('PackageObjects_', TRUE));
                        // Build cache file
                        $packageCache = array(
                                'packageStatesConfiguration'  => $this->packageStatesConfiguration,
index b1c71f5..f7cf5aa 100644 (file)
@@ -37,7 +37,7 @@ class UnitTestPackageManager extends \TYPO3\CMS\Core\Package\PackageManager {
                $this->scanAvailablePackages();
                $this->activePackages = $this->packages;
 
-               $cacheIdentifier = uniqid();
+               $cacheIdentifier = str_replace('.', '', uniqid('', TRUE));
                $this->classLoader->setCacheIdentifier($cacheIdentifier)->setPackages($this->activePackages);
        }
 
index 1f4413a..adf6daa 100644 (file)
@@ -2413,7 +2413,7 @@ class ResourceStorage implements ResourceStorageInterface {
                        if ($a <= $maxNumber) {
                                $insert = '_' . sprintf('%02d', $a);
                        } else {
-                               $insert = '_' . substr(md5(uniqId('')), 0, 6);
+                               $insert = '_' . substr(md5(uniqid('', TRUE)), 0, 6);
                        }
                        $theTestFile = $theTempFileBody . $insert . $theOrigExt;
                        // The destinations file
index 0a79876..1429bc1 100644 (file)
@@ -248,7 +248,7 @@ class ExtendedTemplateService extends \TYPO3\CMS\Core\TypoScript\TemplateService
         * @todo Define visibility
         */
        public function substituteConstants($all) {
-               $this->Cmarker = substr(md5(uniqid('')), 0, 6);
+               $this->Cmarker = substr(md5(uniqid('', TRUE)), 0, 6);
                return preg_replace_callback('/\\{\\$(.[^}]+)\\}/', array($this, 'substituteConstantsCallBack'), $all);
        }
 
index e705dbe..86bdf1b 100644 (file)
@@ -360,7 +360,7 @@ class BasicFileUtility {
                                        $insert = '_' . sprintf('%02d', $a);
                                } else {
                                        // .. then we try unique-strings...
-                                       $insert = '_' . substr(md5(uniqId('')), 0, $this->uniquePrecision);
+                                       $insert = '_' . substr(md5(uniqid('', TRUE)), 0, $this->uniquePrecision);
                                }
                                $theTestFile = $theTempFileBody . $insert . $theOrigExt;
                                $theDestFile = $theDest . '/' . $theTestFile;
index 9579824..9cc5e2d 100755 (executable)
@@ -281,7 +281,7 @@ class GeneralUtility {
                        // IM
                        if (($type == 'IM' || !$type) && $gfxConf['im'] && $gfxConf['im_path_lzw']) {
                                // Use temporary file to prevent problems with read and write lock on same file on network file systems
-                               $temporaryName = dirname($theFile) . '/' . md5(uniqid()) . '.gif';
+                               $temporaryName = dirname($theFile) . '/' . md5(uniqid('', TRUE)) . '.gif';
                                // Rename could fail, if a simultaneous thread is currently working on the same thing
                                if (@rename($theFile, $temporaryName)) {
                                        $cmd = self::imageMagickCommand('convert', '"' . $temporaryName . '" "' . $theFile . '"', $gfxConf['im_path_lzw']);
@@ -1289,7 +1289,7 @@ class GeneralUtility {
        static protected function generateRandomBytesFallback($bytesToReturn) {
                $bytes = '';
                // We initialize with somewhat random.
-               $randomState = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . base_convert(memory_get_usage() % pow(10, 6), 10, 2) . microtime() . uniqid('') . getmypid();
+               $randomState = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . base_convert(memory_get_usage() % pow(10, 6), 10, 2) . microtime() . uniqid('', TRUE) . getmypid();
                while (!isset($bytes[($bytesToReturn - 1)])) {
                        $randomState = sha1(microtime() . mt_rand() . $randomState);
                        $bytes .= sha1(mt_rand() . $randomState, TRUE);
@@ -2935,7 +2935,7 @@ Connection: close
                $result = FALSE;
 
                if (is_dir($directory)) {
-                       $temporaryDirectory = rtrim($directory, '/') . '.' . uniqid('remove') . '/';
+                       $temporaryDirectory = rtrim($directory, '/') . '.' . uniqid('remove', TRUE) . '/';
                        if (rename($directory, $temporaryDirectory)) {
                                if ($keepOriginalDirectory) {
                                        self::mkdir($directory);
index 839a935..7b755af 100644 (file)
@@ -114,7 +114,7 @@ abstract class BaseTestCase extends \PHPUnit_Framework_TestCase {
         * @return string Fully qualified name of the built class, will not be empty
         */
        protected function buildAccessibleProxy($className) {
-               $accessibleClassName = uniqid('Tx_Phpunit_AccessibleProxy');
+               $accessibleClassName = str_replace('.', '', uniqid('Tx_Phpunit_AccessibleProxy', TRUE));
                $class = new \ReflectionClass($className);
                $abstractModifier = $class->isAbstract() ? 'abstract ' : '';
 
index ad11dde..31c63c4 100644 (file)
@@ -131,7 +131,7 @@ class ActionService {
                        $currentUid = $recordData['uid'];
                        if ($recordData['uid'] === '__NEW') {
                                $recordData['pid'] = $pageId;
-                               $currentUid = uniqid('NEW');
+                               $currentUid = uniqid('NEW', TRUE);
                        }
                        unset($recordData['uid']);
                        $dataMap[$tableName][$currentUid] = $recordData;
diff --git a/typo3/sysext/form/Classes/Domain/Model/Element/SelectElement.php b/typo3/sysext/form/Classes/Domain/Model/Element/SelectElement.php
deleted file mode 100644 (file)
index f320b34..0000000
+++ /dev/null
@@ -1,87 +0,0 @@
-<?php
-namespace TYPO3\CMS\Form\Domain\Model\Element;
-
-/**
- * This file is part of the TYPO3 CMS project.
- *
- * It is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License, either version 2
- * of the License, or any later version.
- *
- * For the full copyright and license information, please read the
- * LICENSE.txt file that was distributed with this source code.
- *
- * The TYPO3 project - inspiring people to share!
- */
-
-/**
- * Select model object
- *
- * @author Patrick Broens <patrick@patrickbroens.nl>
- */
-class SelectElement extends \TYPO3\CMS\Form\Domain\Model\Element\ContainerElement {
-
-       /**
-        * Allowed attributes for this object
-        *
-        * @var array
-        */
-       protected $allowedAttributes = array(
-               'class' => '',
-               'disabled' => '',
-               'id' => '',
-               'lang' => '',
-               'multiple' => '',
-               'name' => '',
-               'size' => '',
-               'style' => '',
-               'tabindex' => '',
-               'title' => ''
-       );
-
-       /**
-        * Mandatory attributes for this object
-        *
-        * @var array
-        */
-       protected $mandatoryAttributes = array(
-               'name',
-               'id'
-       );
-
-       /**
-        * Add child object to this element
-        *
-        * @param \TYPO3\CMS\Form\Domain\Model\Element\OptionElement $element The child object
-        * @return \TYPO3\CMS\Form\Domain\Model\Element\SelectElement
-        */
-       public function addElement(\TYPO3\CMS\Form\Domain\Model\Element\OptionElement $element) {
-               $element->setParentName($this->getName());
-               $this->elements[] = $element;
-               return $this;
-       }
-
-       /**
-        * Set a specific attribute by name and value
-        *
-        * @param string $attribute Name of the attribute
-        * @param mixed $value Value of the attribute
-        * @return \TYPO3\CMS\Form\Domain\Model\Element\SelectElement
-        */
-       public function setAttribute($attribute, $value) {
-               if (array_key_exists($attribute, $this->allowedAttributes)) {
-                       $this->attributes->addAttribute($attribute, $value);
-               }
-               if (
-                       $attribute === 'name' && $this->attributes->hasAttribute('multiple') &&
-                       $this->attributes->getValue('multiple') === 'multiple' ||
-                       $attribute === 'multiple' && $this->attributes->hasAttribute('name')
-               ) {
-                       /** @var $nameAttribute \TYPO3\CMS\Form\Domain\Model\Attribute\NameAttribute */
-                       $nameAttribute = $this->attributes->getAttributeObjectByKey('name');
-                       $nameAttribute->setAddition('[]');
-               }
-               return $this;
-       }
-
-}
index 29c99ac..8782c19 100644 (file)
@@ -202,7 +202,7 @@ class FlowPlayerContentObject extends \TYPO3\CMS\Frontend\ContentObject\Abstract
                        $prefix = $GLOBALS['TSFE']->absRefPrefix;
                }
                // Initialize content
-               $replaceElementIdString = uniqid('mmswf');
+               $replaceElementIdString = str_replace('.', '', uniqid('mmswf', TRUE));
                $GLOBALS['TSFE']->register['MMSWFID'] = $replaceElementIdString;
                $layout = isset($conf['layout.']) ? $this->cObj->stdWrap($conf['layout'], $conf['layout.']) : $conf['layout'];
                $content = str_replace('###ID###', $replaceElementIdString, $layout);
index e249d9d..763ce30 100644 (file)
@@ -49,7 +49,7 @@ class QuicktimeObjectContentObject extends \TYPO3\CMS\Frontend\ContentObject\Abs
                $typeConf = $conf[$type . '.'];
                // Add QTobject js-file
                $GLOBALS['TSFE']->getPageRenderer()->addJsFile(TYPO3_mainDir . 'contrib/flashmedia/qtobject/qtobject.js');
-               $replaceElementIdString = uniqid('mmqt');
+               $replaceElementIdString = str_replace('.', '', uniqid('mmqt', TRUE));
                $GLOBALS['TSFE']->register['MMQTID'] = $replaceElementIdString;
                $qtObject = 'QTObject' . $replaceElementIdString;
                // Merge with default parameters
index 2dc115d..b191520 100644 (file)
@@ -99,7 +99,7 @@ class ShockwaveFlashObjectContentObject extends \TYPO3\CMS\Frontend\ContentObjec
                if (!$flashVersion) {
                        $flashVersion = '9';
                }
-               $replaceElementIdString = uniqid('mmswf');
+               $replaceElementIdString = str_replace('.', '', uniqid('mmswf', TRUE));
                $GLOBALS['TSFE']->register['MMSWFID'] = $replaceElementIdString;
                $alternativeContent = isset($conf['alternativeContent.']) ? $this->cObj->stdWrap($conf['alternativeContent'], $conf['alternativeContent.']) : $conf['alternativeContent'];
                $layout = isset($conf['layout.']) ? $this->cObj->stdWrap($conf['layout'], $conf['layout.']) : $conf['layout'];
index adf911d..a42f419 100644 (file)
@@ -1951,11 +1951,11 @@ class ImportExport {
                                                $this->import_mapId['sys_file_metadata'][$record['uid']] = $recordInDatabase['uid'];
                                                $ID = $recordInDatabase['uid'];
                                        } else {
-                                               $ID = uniqid('NEW');
+                                               $ID = uniqid('NEW', TRUE);
                                        }
 
                                } else {
-                                       $ID = uniqid('NEW');
+                                       $ID = uniqid('NEW', TRUE);
                                }
                                $this->import_newId[$table . ':' . $ID] = array('table' => $table, 'uid' => $uid);
                                if ($table == 'pages') {
@@ -2160,7 +2160,7 @@ class ImportExport {
                                                                                                }
                                                                                        }
                                                                                        if ($fileObject !== NULL) {
-                                                                                               $refId = uniqid('NEW');
+                                                                                               $refId = uniqid('NEW', TRUE);
                                                                                                $refIds[] = $refId;
                                                                                                $updateData['sys_file_reference'][$refId] = array(
                                                                                                        'uid_local' => $fileObject->getUid(),
index 9344716..dabb2de 100644 (file)
@@ -172,7 +172,7 @@ class TestSetup extends Action\AbstractAction {
                        \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('install') . 'Resources/Private/Font/vera.ttf',
                        'Testing true type'
                );
-               $outputFile = PATH_site . 'typo3temp/installTool-' . uniqid('createTrueTypeFontDpiTestImage') . '.gif';
+               $outputFile = PATH_site . 'typo3temp/installTool-' . uniqid('createTrueTypeFontDpiTestImage', TRUE) . '.gif';
                imagegif($image, $outputFile);
 
                /** @var \TYPO3\CMS\Install\Status\StatusInterface $message */
@@ -217,7 +217,7 @@ class TestSetup extends Action\AbstractAction {
                        } else {
                                $imageProcessor->IM_commands = array();
                                $inputFile = $this->imageBasePath . 'TestInput/Test.' . $formatToTest;
-                               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('read') . '-' . $formatToTest;
+                               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('read', TRUE) . '-' . $formatToTest;
                                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'jpg', '170', '', '', '', array(), TRUE);
                                $result['title'] = 'Read ' . $formatToTest;
                                if ($imResult !== NULL) {
@@ -253,7 +253,7 @@ class TestSetup extends Action\AbstractAction {
 
                // Gif
                $inputFile = $this->imageBasePath . 'TestInput/Test.gif';
-               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('write-gif');
+               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('write-gif', TRUE);
                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'gif', '', '', '', '', array(), TRUE);
                if ($imResult !== NULL && is_file($imResult[3])) {
                        if ($GLOBALS['TYPO3_CONF_VARS']['GFX']['gif_compress']) {
@@ -286,7 +286,7 @@ class TestSetup extends Action\AbstractAction {
                // Png
                $inputFile = $this->imageBasePath . 'TestInput/Test.png';
                $imageProcessor->IM_commands = array();
-               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('write-png');
+               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('write-png', TRUE);
                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'png', '', '', '', '', array(), TRUE);
                if ($imResult !== NULL) {
                        $testResults['png']['title'] = 'Write png';
@@ -319,7 +319,7 @@ class TestSetup extends Action\AbstractAction {
 
                $imageProcessor->IM_commands = array();
                $inputFile = $this->imageBasePath . 'TestInput/Transparent.gif';
-               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-gif');
+               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-gif', TRUE);
                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'gif', '150', '', '', '', array(), TRUE);
                if ($imResult !== NULL) {
                        $testResults['gif-to-gif']['title'] = 'gif to gif';
@@ -332,7 +332,7 @@ class TestSetup extends Action\AbstractAction {
 
                $imageProcessor->IM_commands = array();
                $inputFile = $this->imageBasePath . 'TestInput/Transparent.png';
-               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-png');
+               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-png', TRUE);
                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'png', '150', '', '', '', array(), TRUE);
                if ($imResult !== NULL) {
                        $testResults['png-to-png']['title'] = 'png to png';
@@ -345,7 +345,7 @@ class TestSetup extends Action\AbstractAction {
 
                $imageProcessor->IM_commands = array();
                $inputFile = $this->imageBasePath . 'TestInput/Transparent.gif';
-               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-jpg');
+               $imageProcessor->imageMagickConvert_forceFileNameBody = uniqid('scale-jpg', TRUE);
                $imResult = $imageProcessor->imageMagickConvert($inputFile, 'jpg', '150', '', '-opaque white -background white -flatten', '', array(), TRUE);
                if ($imResult !== NULL) {
                        $testResults['gif-to-jpg']['title'] = 'gif to jpg';
@@ -379,7 +379,7 @@ class TestSetup extends Action\AbstractAction {
                $overlayFile = $this->imageBasePath . 'TestInput/Test.jpg';
                $maskFile = $this->imageBasePath . 'TestInput/MaskBlackWhite.gif';
                $resultFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix
-                       . uniqid($imageProcessor->alternativeOutputKey . 'combine1') . '.jpg';
+                       . uniqid($imageProcessor->alternativeOutputKey . 'combine1', TRUE) . '.jpg';
                $imageProcessor->combineExec($inputFile, $overlayFile, $maskFile, $resultFile, TRUE);
                $result = $imageProcessor->getImageDimensions($resultFile);
                if ($result) {
@@ -396,7 +396,7 @@ class TestSetup extends Action\AbstractAction {
                $overlayFile = $this->imageBasePath . 'TestInput/Test.jpg';
                $maskFile = $this->imageBasePath . 'TestInput/MaskCombine.jpg';
                $resultFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix
-                       . uniqid($imageProcessor->alternativeOutputKey . 'combine2') . '.jpg';
+                       . uniqid($imageProcessor->alternativeOutputKey . 'combine2', TRUE) . '.jpg';
                $imageProcessor->combineExec($inputFile, $overlayFile, $maskFile, $resultFile, TRUE);
                $result = $imageProcessor->getImageDimensions($resultFile);
                if ($result) {
@@ -435,7 +435,7 @@ class TestSetup extends Action\AbstractAction {
                        'color' => 'olive',
                );
                $imageProcessor->makeBox($image, $conf, $workArea);
-               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdSimple') . '.' . $gifOrPng;
+               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdSimple', TRUE) . '.' . $gifOrPng;
                $imageProcessor->ImageWrite($image, $outputFile);
                $result = $imageProcessor->getImageDimensions($outputFile);
                $testResults['simple'] = array();
@@ -453,7 +453,7 @@ class TestSetup extends Action\AbstractAction {
                        'color' => 'olive',
                );
                $imageProcessor->makeBox($image, $conf, $workArea);
-               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdBox') . '.' . $gifOrPng;
+               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdBox', TRUE) . '.' . $gifOrPng;
                $imageProcessor->ImageWrite($image, $outputFile);
                $result = $imageProcessor->getImageDimensions($outputFile);
                $testResults['box'] = array();
@@ -479,7 +479,7 @@ class TestSetup extends Action\AbstractAction {
                );
                $conf['BBOX'] = $imageProcessor->calcBBox($conf);
                $imageProcessor->makeText($image, $conf, $workArea);
-               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdText') . '.' . $gifOrPng;
+               $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdText', TRUE) . '.' . $gifOrPng;
                $imageProcessor->ImageWrite($image, $outputFile);
                $result = $imageProcessor->getImageDimensions($outputFile);
                $testResults['text'] = array();
@@ -494,7 +494,7 @@ class TestSetup extends Action\AbstractAction {
                        $conf['offset'] = '17,65';
                        $conf['niceText'] = 1;
                        $imageProcessor->makeText($image, $conf, $workArea);
-                       $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdNiceText') . '.' . $gifOrPng;
+                       $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('gdNiceText', TRUE) . '.' . $gifOrPng;
                        $imageProcessor->ImageWrite($image, $outputFile);
                        $result = $imageProcessor->getImageDimensions($outputFile);
                        $testResults['niceText']['title'] = 'Render text with TrueType font using \'niceText\' option';
@@ -530,7 +530,7 @@ class TestSetup extends Action\AbstractAction {
                        // Warning: Re-uses $image from above!
                        $imageProcessor->makeShadow($image, $conf['shadow.'], $workArea, $conf);
                        $imageProcessor->makeText($image, $conf, $workArea);
-                       $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('GDwithText-niceText-shadow') . '.' . $gifOrPng;
+                       $outputFile = $imageProcessor->tempPath . $imageProcessor->filenamePrefix . uniqid('GDwithText-niceText-shadow', TRUE) . '.' . $gifOrPng;
                        $imageProcessor->ImageWrite($image, $outputFile);
                        $result = $imageProcessor->getImageDimensions($outputFile);
                        $testResults['shadow']['title'] = 'Render \'niceText\' with a shadow under';
index aba7821..7cd5dce 100644 (file)
@@ -243,7 +243,7 @@ class DirectoryNode extends AbstractNode implements NodeInterface {
         * @return boolean TRUE if test file creation was successful
         */
        protected function canFileBeCreated() {
-               $testFileName = uniqid('installToolTest_');
+               $testFileName = uniqid('installToolTest_', TRUE);
                $result = @touch($this->getAbsolutePath() . '/' . $testFileName);
                if ($result === TRUE) {
                        unlink($this->getAbsolutePath() . '/' . $testFileName);
index 448e296..d96ec10 100644 (file)
@@ -181,7 +181,7 @@ class CoreUpdateService {
 
                if ($success) {
                        // Explicit write check to document root
-                       $file = PATH_site . uniqid('install-core-update-test-');
+                       $file = PATH_site . uniqid('install-core-update-test-', TRUE);
                        $result = @touch($file);
                        if (!$result) {
                                $success = FALSE;
@@ -196,7 +196,7 @@ class CoreUpdateService {
 
                        // Explicit write check to upper directory of current core location
                        $coreLocation = @realPath($this->currentCoreLocation . '/../');
-                       $file = $coreLocation . '/' . uniqid('install-core-update-test-');
+                       $file = $coreLocation . '/' . uniqid('install-core-update-test-', TRUE);
                        $result = @touch($file);
                        if (!$result) {
                                $success = FALSE;
index c725079..74d58e2 100644 (file)
@@ -79,7 +79,7 @@ class CommandLineBackend extends \TYPO3\CMS\Rsaauth\Backend\AbstractBackend {
                }
 
                // Create a temporary file. Security: tempnam() sets permissions to 0600
-               $privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
+               $privateKeyFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
 
                // Generate the private key.
                //
@@ -122,9 +122,9 @@ class CommandLineBackend extends \TYPO3\CMS\Rsaauth\Backend\AbstractBackend {
         */
        public function decrypt($privateKey, $data) {
                // Key must be put to the file
-               $privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
+               $privateKeyFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
                file_put_contents($privateKeyFile, $privateKey);
-               $dataFile = tempnam($this->temporaryDirectory, uniqid());
+               $dataFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
                file_put_contents($dataFile, base64_decode($data));
                // Prepare the command
                $command = $this->opensslPath . ' rsautl -inkey ' . escapeshellarg($privateKeyFile) . ' -in ' . escapeshellarg($dataFile) . ' -decrypt';
index 9550f60..aef6784 100644 (file)
@@ -83,7 +83,7 @@ class LoginFormHook {
         * @return string Challenge value
         */
        protected function getChallenge() {
-               $challenge = md5(uniqid('') . getmypid());
+               $challenge = md5(uniqid('', TRUE) . getmypid());
                return $challenge;
        }
 
index b6d14e8..232edc6 100644 (file)
@@ -243,7 +243,7 @@ class PreviewHook implements \TYPO3\CMS\Core\SingletonInterface {
         */
        public function compilePreviewKeyword($getVarsStr, $backendUserUid, $ttl = 172800, $fullWorkspace = NULL) {
                $fieldData = array(
-                       'keyword' => md5(uniqid(microtime())),
+                       'keyword' => md5(uniqid(microtime(), TRUE)),
                        'tstamp' => $GLOBALS['EXEC_TIME'],
                        'endtime' => $GLOBALS['EXEC_TIME'] + $ttl,
                        'config' => serialize(array(
index 72a246d..2864d6f 100644 (file)
@@ -209,7 +209,7 @@ class PreviewController extends \TYPO3\CMS\Workspaces\Controller\AbstractControl
                        'PATH_typo3' => $pathTYPO3,
                        'PATH_typo3_enc' => rawurlencode($pathTYPO3),
                        'username' => htmlspecialchars($GLOBALS['BE_USER']->user['username']),
-                       'uniqueID' => GeneralUtility::shortMD5(uniqid('')),
+                       'uniqueID' => GeneralUtility::shortMD5(uniqid('', TRUE)),
                        'securityLevel' => $loginSecurityLevel,
                        'TYPO3_mainDir' => TYPO3_mainDir,
                        'pageModule' => $pageModule,