-
Jared Hancock authored
Misc::randCode does not generate significantly random data for Windows platforms with a local database. This stems from the random seed using the milliseconds from the current time of day and the database connection time, in microseconds. Because Windows has especially poor sub-second time resolution via the microtime() function, the seed does not have many variations. This patch addresses the issue by using the included Crypto::random() function as a source of random data rather than the mt_rand() function, as it uses native cryptographic random data generators if possible to generate the data, and uses microtime() as a fallback if no other source of random data is available on the platform.
Jared Hancock authoredMisc::randCode does not generate significantly random data for Windows platforms with a local database. This stems from the random seed using the milliseconds from the current time of day and the database connection time, in microseconds. Because Windows has especially poor sub-second time resolution via the microtime() function, the seed does not have many variations. This patch addresses the issue by using the included Crypto::random() function as a source of random data rather than the mt_rand() function, as it uses native cryptographic random data generators if possible to generate the data, and uses microtime() as a fallback if no other source of random data is available on the platform.
