From a16d95d05b16377dbc5b3c30ddf254a5493eae58 Mon Sep 17 00:00:00 2001 From: Imran Hussain Date: Tue, 29 Dec 2015 17:07:38 +0000 Subject: [PATCH 1/3] Replace the old UID generation. New UID generation system that uses the full year as a prefix. Should stop UIDs from being reused. --- components/signup.php | 12 ++---------- lib/member_functions.php | 35 ++++++++++++++++++++++------------- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/components/signup.php b/components/signup.php index 3e722a1..c850da5 100644 --- a/components/signup.php +++ b/components/signup.php @@ -128,16 +128,8 @@ if (isset($_REQUEST['signupid']) && isset($_REQUEST['signuppw'])) { ); $failed = true; } else { - // determine the uid range - if ($row[type] == 2) { - $baseuid = 8; - } else { - $baseuid = 29; - } - $minuid = $baseuid * 1000; - $maxuid = $minuid + 999; - //get the new uid - $uid = findUid($minuid, $maxuid); + //generate the new uid + $uid = generateUid(); // make a password $password = make_password(); // make the ldif diff --git a/lib/member_functions.php b/lib/member_functions.php index a7a5701..b4579c7 100644 --- a/lib/member_functions.php +++ b/lib/member_functions.php @@ -29,21 +29,30 @@ function make_password($length = 8) return $password; } -function findUid($start, $end) +function generateUid() { - $ds = ldap_connect("localhost"); - ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); - $r = ldap_bind($ds); - $sr = ldap_search($ds, "dc=sucs,dc=org", "uid=*", array(uidNumber)); - $info = ldap_get_entries($ds, $sr); - for ($i = 0; $i < $info[count]; $i++) { - $uids[$info[$i][uidnumber][0]] = true; - } - for ($i = $start; $i < $end; $i++) { - if (!isset($uids[$i])) { - $safeuid = $i; - break; + + //get the year, this'll be the start/prefix of the uid + $prefix = date("Y"); + + //generate a uid + //check to see if it's taken/safe to use + $ok = false; + while ($ok == false) { + + //generate random number between 00000 and 99999 + $uid = sprintf("%06d", mt_rand(0, 99999)); + + // id return 1 for error (safe to take). 0 for sucess (taken) not safe + shell_exec("id ".$prefix.$uid, $output, $returnVal); + + //check the result of id + if ($returnVal == 1) { + // We have a unused one! + $ok = true; + $sfaeuid = $prefix.$uid; } + } return $safeuid; -- GitLab From 080478fe19d550e7de5157cdb22c290025f6b306 Mon Sep 17 00:00:00 2001 From: Laurence Sebastian Bowes Date: Sat, 13 Feb 2016 03:26:59 +0000 Subject: [PATCH 2/3] Twat --- lib/member_functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/member_functions.php b/lib/member_functions.php index b4579c7..ff41a26 100644 --- a/lib/member_functions.php +++ b/lib/member_functions.php @@ -50,7 +50,7 @@ function generateUid() if ($returnVal == 1) { // We have a unused one! $ok = true; - $sfaeuid = $prefix.$uid; + $safeuid = $prefix.$uid; } } -- GitLab From c2f7394d9ed8408f824008a6a2ed5a57f03af51e Mon Sep 17 00:00:00 2001 From: Laurence Sebastian Bowes Date: Sat, 13 Feb 2016 03:44:17 +0000 Subject: [PATCH 3/3] Minor fixes. Happy with this code now. --- lib/member_functions.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/member_functions.php b/lib/member_functions.php index ff41a26..f5f4d7b 100644 --- a/lib/member_functions.php +++ b/lib/member_functions.php @@ -41,14 +41,14 @@ function generateUid() while ($ok == false) { //generate random number between 00000 and 99999 - $uid = sprintf("%06d", mt_rand(0, 99999)); + $uid = sprintf("%05d", mt_rand(0, 99999)); - // id return 1 for error (safe to take). 0 for sucess (taken) not safe - shell_exec("id ".$prefix.$uid, $output, $returnVal); + //id return 1 for error (safe to take). 0 for success (taken) not safe + exec("id ".$prefix.$uid, $output, $returnVal); //check the result of id if ($returnVal == 1) { - // We have a unused one! + // We have an unused one! $ok = true; $safeuid = $prefix.$uid; } -- GitLab