Commit 8e2b07e0 authored by naveenvalecha's avatar naveenvalecha Committed by elachlan

Issue #2486113 by keshav.k, m1r1k, naveenvalecha: Replace md5 with sha256 hashes

parent f2466023
......@@ -80,7 +80,7 @@ function _captcha_generate_captcha_session($form_id = NULL, $status = CAPTCHA_ST
$user = \Drupal::currentUser();
// Initialize solution with random data.
$solution = md5(mt_rand());
$solution = hash('sha256', mt_rand());
// Insert an entry and thankfully receive the value
// of the autoincrement field 'csid'.
......
......@@ -368,7 +368,7 @@ class ImageCaptchaSettingsForm extends ConfigFormBase {
*
* @return array
* Fonts file objects (with fields 'name',
* 'basename' and 'filename'), keyed on the md5 hash of the font
* 'basename' and 'filename'), keyed on the sha256 hash of the font
* path (to have an easy token that can be used in an url
* without en/decoding issues).
*/
......@@ -385,7 +385,7 @@ class ImageCaptchaSettingsForm extends ConfigFormBase {
$fonts = [];
foreach ($directories as $directory) {
foreach (file_scan_directory($directory, '/\.[tT][tT][fF]$/') as $filename => $font) {
$fonts[md5($filename)] = $font;
$fonts[hash('sha256', $filename)] = $font;
}
}
......
......@@ -85,7 +85,7 @@ class Captcha extends FormElement {
];
// Additional one time CAPTCHA token: store in database and send with form.
$captcha_token = md5(mt_rand());
$captcha_token = hash('sha256', mt_rand());
db_update('captcha_sessions')
->fields(['token' => $captcha_token])
->condition('csid', $captcha_sid)
......
......@@ -33,7 +33,7 @@ class CaptchaCronTestCase extends CaptchaBaseWebTestCase {
$this->drupalLogin($admin_user);
// Initialize solution with random data.
$solution = md5(mt_rand());
$solution = hash('sha256', mt_rand());
// Insert an entry and thankfully receive the value
// of the autoincrement field 'csid'.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment