/** * encrypt data with default cipher and password * @param string $data plain text data * @param string $pass optional password * @param string $type optional algorithm * @return string */ function encrypt($data, $pass = null, $type = null) { if (is_null($type)) { $config = getZombieConfig(); $type = $config['crypt']['type']; if (is_null($pass)) { $pass = $config['crypt']['pass']; } } $iv = strongRand(12); $encrypted = openssl_encrypt($data, $type, $pass, false, $iv); return $iv . $encrypted; }
VALUES ($1), ($2) '); $query->addParam("admin"); $query->addParam("users"); echo "Info for admin user:\n"; echo "username: "******"firstname: "; $firstname = trim(fgets(STDIN)); echo "lastname: "; $lastname = trim(fgets(STDIN)); echo "password: "******"sha256", trim(fgets(STDIN))); $rand_bits = strongRand(32); $rand_bits = preg_replace('/[\\/=+]/', '', $rand_bits); $rand_bits = substr($rand_bits, 0, 22); $salt = '$2a$07$' . $rand_bits . '$'; $hash = crypt($password, $salt); $query = new MysqlQuery(' INSERT INTO users VALUES (username, firstname, lastname, salt, password) VALUES ($1, $2, $3, $4, $5) '); $query->addParam($username);
public function genBcryptSalt() { require_once $this->config['zombie_root'] . "/zombie-core/util/rand.php"; $rand_bits = strongRand(32); $rand_bits = preg_replace('/[\\/=+]/', '', $rand_bits); $rand_bits = substr($rand_bits, 0, 22); $salt = '$2a$07$' . $rand_bits . '$'; return $salt; }
/** * Generate a new session id */ public function generateId() { return strongRand(30); }
/** * Returns the current csrf token or * generates a new one if none exists. */ function getCsrfToken() { $token = $this->session->get('csrf_token'); if (!$token) { $token = strongRand(32); $token = preg_replace("/[+=\\/]/", "", $token); $this->session->set('csrf_token', $token); } return $token; }