Update of /cvsroot/php-blog/serendipity/plugins/serendipity_event_spamblock
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3568/plugins/serendipity_event_spamblock
Modified Files:
Tag: branch-0-7
serendipity_event_spamblock.php
Log Message:
* fix random seeding of spamblock captcha plugin (even though it should work without)
* different fix for XSS: We can't fix it in layout.php because we have no control over users' templates. So we need to do the escaping at an earlier step.
* Needs to be ported to HEAD as well, please!
Index: serendipity_event_spamblock.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php,v
retrieving revision 1.25
retrieving revision 1.25.2.1
diff -u -d -r1.25 -r1.25.2.1
--- serendipity_event_spamblock.php 26 Oct 2004 13:24:16 -0000 1.25
+++ serendipity_event_spamblock.php 1 Dec 2004 14:52:03 -0000 1.25.2.1
@@ -395,6 +395,7 @@
return;
}
+ srand(time());
mt_srand(time());
$width = 120;
$height = 40;
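Review bot: Seeding both generators with `time()` right before the captcha is drawn ties the generated text to the request second, a value the client can observe or narrow down, so the added `srand(time());` makes the output more predictable rather than less. PHP has seeded `rand()` and `mt_rand()` automatically since 4.2.0, as the log message itself hints, so I would drop both `srand(time());` and `mt_srand(time());` instead of adding a second call. On a runtime that provides it, `random_int()` is the better source for the character picks. The enclosing function starts and ends outside this hunk, so how the seeded values are consumed is inferred from the second hunk.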
@@ -471,6 +472,7 @@
function random_string($max_char, $min_char) {
$this->chars = array(2, 3, 4, 7, 9); // 1, 5, 6 and 8 may look like characters.
$this->chars = array_merge($this->chars, array('A','B','C','D','E','F','H','J','K','L','M','N','P','Q','R','T','U','V','W','X','Y','Z')); // I, O, S may look like numbers
+ shuffle($this->chars);
$strings = array_rand($this->chars, mt_rand($max_char, $min_char));
$string = '';
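Review bot: The added `shuffle($this->chars);` has no comment saying why it is needed; presumably it is there because `array_rand()` can hand back keys in array order, which would leave the captcha characters in a fixed sequence, and a line such as `// array_rand() may return keys in array order; shuffle so character order varies` would record that. Note that `shuffle()` draws from the same generator that the first hunk seeds with `time()`, so it adds no unpredictability on its own. The unchanged call `mt_rand($max_char, $min_char)` passes its arguments in max, min order while `mt_rand()` expects (min, max), so the parameter naming should be checked against the callers, which are outside this hunk. `array_rand()` also returns a single key rather than an array when the requested count is 1, which the loop after this hunk (not visible) would need to handle.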