Improved entropy for report file urls.

[fa-stable.git] / includes / main.inc

diff --git a/includes/main.inc b/includes/main.inc
index df31aa17a52a4e84d4ea6a0e968fdbc7ebe56d30..bd2463f0cc549e0cbf24e4dd9941cb89c9a312d8 100644 (file)
--- a/includes/main.inc
+++ b/includes/main.inc
@@ -422,3 +422,24 @@ if (!function_exists('array_fill_keys')) // since 5.2
        }
 }
 
+/*
+       This function aims to generate cryptographically strong random identifier.
+       Result identifier has length 4[strength/8/3] 
+*/
+function random_id($strength = 128)
+{
+       $n = ceil($strength/8);
+
+       if (function_exists('openssl_random_pseudo_bytes'))
+               $bin = openssl_random_pseudo_bytes($n, $cstrong);       // openssl on php 5.3 and up
+       else if (file_exists('/dev/urandom'))
+               $bin = file_get_contents('/dev/urandom', false, null, -1, $n);  // linux std random device
+       else {
+               $bin = '';
+               for($i=0; $i < $n; $i++)
+                       $bin .= chr(mt_rand(0, 255));   // Mersene Twister generator
+       }
+       $id = strtr(base64_encode($bin), '+/', '-_');   // see RFC 4648 Section 5
+
+       return $id;
+}