/**
* Generate a UNIQUE string for a given file path to use as the identifier for the file
* The string returned should be 32 characters in length
* @param string $p_filepath File path.
* @return string
*/
function file_generate_unique_name($p_filepath)
{
do {
$t_string = md5(crypto_generate_random_string(32, false));
} while (!diskfile_is_name_unique($t_string, $p_filepath));
return $t_string;
}
</span>
<?php
} else {
?>
Updating Configuration File (config/config_inc.php)<br />
<?php
}
?>
</td>
<?php
# Generating the config_inc.php file
# Automatically generate a strong master salt/nonce for MantisBT
# cryptographic purposes. If a strong source of randomness is not
# available the user will have to manually set this value post
# installation.
$t_crypto_master_salt = crypto_generate_random_string(32);
if ($t_crypto_master_salt !== null) {
$t_crypto_master_salt = base64_encode($t_crypto_master_salt);
}
$t_config = '<?php' . PHP_EOL . '$g_hostname = \'' . $f_hostname . '\';' . PHP_EOL . '$g_db_type = \'' . $f_db_type . '\';' . PHP_EOL . '$g_database_name = \'' . addslashes($f_database_name) . '\';' . PHP_EOL . '$g_db_username = \'' . addslashes($f_db_username) . '\';' . PHP_EOL . '$g_db_password = \'' . addslashes($f_db_password) . '\';' . PHP_EOL;
switch ($f_db_type) {
case 'db2':
$t_config .= '$g_db_schema = \'' . $f_db_schema . '\';' . PHP_EOL;
break;
default:
break;
}
$t_config .= PHP_EOL;
# Add lines for table prefix/suffix if different from default
$t_insert_line = false;
foreach ($t_prefix_defaults['other'] as $t_key => $t_value) {
/**
* Generate a nonce encoded using the base64 with URI safe alphabet approach
* described in RFC4648. Note that the minimum length is rounded up to the next
* number with a factor of 4 so that padding is never added to the end of the
* base64 output. This means the '=' padding character is never present in the
* output. Due to the reduced character set of base64 encoding, the actual
* amount of entropy produced by this function for a given output string length
* is 3/4 (0.75) that of raw unencoded output produced with the
* crypto_generate_strong_random_string( $p_bytes ) function.
* @param integer $p_minimum_length Minimum number of characters required for the nonce.
* @return string Nonce encoded according to the base64 with URI safe alphabet approach described in RFC4648
*/
function crypto_generate_uri_safe_nonce($p_minimum_length)
{
$t_length_mod4 = $p_minimum_length % 4;
$t_adjusted_length = $p_minimum_length + 4 - ($t_length_mod4 ? $t_length_mod4 : 4);
$t_raw_bytes_required = $t_adjusted_length / 4 * 3;
if (!is_windows_server()) {
$t_random_bytes = crypto_generate_strong_random_string($t_raw_bytes_required);
} else {
# It's currently not possible to generate strong random numbers
# with PHP on Windows so we have to resort to using PHP's
# built-in insecure PRNG.
$t_random_bytes = crypto_generate_random_string($t_raw_bytes_required, false);
}
$t_base64_encoded = base64_encode($t_random_bytes);
# Note: no need to translate trailing = padding characters because our
# length rounding ensures that padding is never required.
$t_random_nonce = strtr($t_base64_encoded, '+/', '-_');
return $t_random_nonce;
}
