Fixed bug #12003: EncryptionKey generation in install tool (1-2-3-mode) still uses...
authorSteffen Kamper <info@sk-typo3.de>
Sat, 19 Sep 2009 16:42:39 +0000 (16:42 +0000)
committerSteffen Kamper <info@sk-typo3.de>
Sat, 19 Sep 2009 16:42:39 +0000 (16:42 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@5994 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
typo3/sysext/install/mod/class.tx_install.php

index 2a9c9d7..849d5a9 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 2009-09-19  Steffen Kamper  <info@sk-typo3.de>
 
+       * Fixed bug #12003: EncryptionKey generation in install tool (1-2-3-mode) still uses old encryption
        * Fixed bug #11884: User setup: buttons for create/delete ENABLE_INSTALL_TOOL-file are not integrated in user setup
        * Fixed bug #11896: User Setup miss save of be_users fields and miss handling of default value
 
index b3e9569..8911184 100755 (executable)
@@ -686,7 +686,7 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv('REMOTE_ADDR')."' (".t3lib_div::getIndp
                                                        <td valign="top">
                                                                  '.$this->fontTag1.'<br />
                                                           <input type="hidden" name="step" value="2">
-                                                          <input type="hidden" name="TYPO3_INSTALL[localconf.php][encryptionKey]" value="'.md5(uniqid(rand(),true)).'">
+                                                          <input type="hidden" name="TYPO3_INSTALL[localconf.php][encryptionKey]" value="' . $this->createEncryptionKey() . '">
                                                                 <input type="hidden" name="TYPO3_INSTALL[localconf.php][compat_version]" value="'.TYPO3_branch.'">
                                                                  <input type="submit" value="Continue"><br /><br /><strong>NOTICE: </strong>By clicking this button, typo3conf/localconf.php is updated with new values for the parameters listed above!</span><br />
                                                        </td>
@@ -5119,6 +5119,16 @@ $out="
                return $backupFile;
        }
 
+       /**
+        * Returns a newly created TYPO3 encryption key with a given length.
+        *
+        * @param  integer  $keyLength  desired key length
+        * @return string
+        */
+       protected function createEncryptionKey($keyLength = 96) {
+               $bytes = t3lib_div::generateRandomBytes($keyLength);
+               return substr(bin2hex($bytes), -96);
+       }
 }
 
 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/install/mod/class.tx_install.php'])   {