X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fstrings.php;h=33d01527c738d28b1f6a14e2a4abd10293c6b558;hb=d47b2518bd5b1544e3b7577b59f323b29737eb12;hp=fd7429358071d76c606a12b23cccf2a5e837726d;hpb=298d400579ebc6101881453cad277ef1ce982226;p=squirrelmail.git

diff --git a/functions/strings.php b/functions/strings.php
index fd742935..33d01527 100644
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -170,7 +170,7 @@
    }
 
    /* SquirrelMail version number -- DO NOT CHANGE */
-   $version = "0.5";
+   $version = "0.6pre1 (cvs)";
 
 
    function find_mailbox_name ($mailbox) {
@@ -203,7 +203,7 @@
       #
       #   http://www.myhost.com/squirrelmail/src/login.php
    
-      global $PHP_SELF, $SERVER_NAME, $HTTPS, $HTTP_HOST;
+      global $PHP_SELF, $SERVER_NAME, $HTTPS, $HTTP_HOST, $SERVER_PORT;
 
       // Get the path
       $path = substr($PHP_SELF, 0, strrpos($PHP_SELF, '/'));
@@ -214,13 +214,20 @@
         $proto = "https://";
       }
    
+      $port = "";
+      if (isset($SERVER_PORT)) {
+        if ($SERVER_PORT != 80) {
+            $port = sprintf(':%d', $SERVER_PORT);
+        }
+      }
+          
       // Get the hostname from the Host header or server config.
       // Fallback is to omit the server name and use a relative URI,
       // although this is not RFC 2616 compliant.
       if(isset($HTTP_HOST) && !empty($HTTP_HOST)) {
-        $location = $proto . $HTTP_HOST . $path;
+        $location = $proto . $HTTP_HOST . $port . $path;
       } else if(isset($SERVER_NAME) && !empty($SERVER_NAME)) {
-        $location = $proto . $SERVER_NAME . $path;
+        $location = $proto . $SERVER_NAME . $port . $path;
       } else {
         $location = $path;
       }
@@ -255,29 +262,88 @@
       return $decrypted;
    }
 
-   function OneTimePadCreate ($length=100) {
-      global $REMOTE_PORT, $REMOTE_ADDR, $UNIQUE_ID;
 
-      // Entropy gathering
-      if (function_exists("crc32")) {
-	 $seed1 = (double) microtime() * 1000000;
-	 $seed2 = md5($REMOTE_PORT . $REMOTE_ADDR . $UNIQUE_ID);
-	 if (function_exists("getrusage")) {
-	    $dat = getrusage();
-	    $seed3 = md5($dat["ru_nswap"].$dat["ru_majflt"].$dat["ru_utime.tv_sec"].$dat["ru_utime.tv_usec"].getmypid());
-	 } else {
-	    $seed3 = getmypid();
-	 }
-
-	 $seed = crc32($seed1)*1000000 + crc32($seed2)*10000 + crc32($seed3);
-      } else {
-	 $seed = (double) microtime() * 1000000;
-      }
+   // Randomize the mt_rand() function.  Toss this in strings or
+   // integers and it will seed the generator appropriately.
+   // With strings, it is better to get them long. Use md5() to
+   // lengthen smaller strings.
+   function sq_mt_seed($Val)
+   {
+       // if mt_getrandmax() does not return a 2^n - 1 number,
+       // this might not work well.  This uses $Max as a bitmask.
+       $Max = mt_getrandmax();
+       
+       if (! is_int($Val))
+       {
+           if (function_exists("crc32"))
+           {
+               $Val = crc32($Val);
+           }
+           else
+           {
+               $Str = $Val;
+               $Pos = 0;
+               $Val = 0;
+               $Mask = $Max / 2;
+               $HighBit = $Max ^ $Mask;
+               while ($Pos < strlen($Str))
+               {
+                   if ($Val & $HighBit)
+                   {
+                       $Val = (($Val & $Mask) << 1) + 1;
+                   }
+                   else
+                   {
+                       $Val = ($Val & $Mask) << 1;
+                   }
+                   $Val ^= $Str[$Pos];
+                   $Pos ++;
+               }
+           }
+       }
 
-      srand ($seed);
+       if ($Val < 0)
+         $Val *= -1;
+       if ($Val = 0)
+         return;
+
+       mt_srand(($Val ^ mt_rand(0, $Max)) & $Max);
+   }
+   
+   
+   // This function initializes the random number generator fairly well.
+   // It also only initializes it once, so you don't accidentally get
+   // the same 'random' numbers twice in one session.
+   function sq_mt_randomize()
+   {
+      global $REMOTE_PORT, $REMOTE_ADDR, $UNIQUE_ID;
+      static $randomized;
+      
+      if ($randomized)
+         return;
+      
+      // Global   
+      sq_mt_seed((int)((double) microtime() * 1000000));
+      sq_mt_seed(md5($REMOTE_PORT . $REMOTE_ADDR . getmypid()));
+      
+      // getrusage
+      if (function_exists("getrusage")) {
+         $dat = getrusage();
+	 sq_mt_seed(md5($dat["ru_nswap"] . $dat["ru_majflt"] . 
+	    $dat["ru_utime.tv_sec"] . $dat["ru_utime.tv_usec"]));
+      }
+      
+      // Apache-specific
+      sq_mt_seed(md5($UNIQUE_ID));
+      
+      $randomized = 1;
+   }
+   
+   function OneTimePadCreate ($length=100) {
+      sq_mt_randomize();
       
       for ($i = 0; $i < $length; $i++) {
-	 $pad .= chr(rand(0,255));
+	 $pad .= chr(mt_rand(0,255));
       }
 
       return $pad;
@@ -304,10 +370,15 @@
       if($vrel[0] == "r" || $vrel[0] == "R") 
 	 $vrel = - strval(substr($vrel, 2))/10;
       
-      // Compare major and minor
+      // Compare major version
       if($vmajor < $major) return false;
+      if($vmajor > $major) return true;
+
+      // Major is the same. Compare minor
       if($vminor < $minor) return false;
+      if($vminor > $minor) return true;
       
+      // Major and minor is the same as the required one.
       // Compare release
       if($vrel >= 0 && $release >= 0) {       // Neither are beta
 	 if($vrel < $release) return false;