我正在使用PHP V5.6.16
我在尝试创建访问令牌时遇到此错误
crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash
这是我正在使用的功能。
/**
* Generate a token
* @return string token
*/
private function getToken()
{
$random_id_length = 15;
//generate a random id encrypt it and store it in $rnd_id
$rnd_id = crypt(uniqid(rand(), CRYPT_EXT_DES));
//to remove any slashes that might have come
$rnd_id = strip_tags(stripslashes($rnd_id));
//Removing any . or / and reversing the string
$rnd_id = str_replace(".", "", $rnd_id);
$rnd_id = strrev(str_replace("/", "", $rnd_id));
//finally I take the first 10 characters from the $rnd_id
$rnd_id = substr($rnd_id, 0, $random_id_length);
return urldecode($rnd_id);
}
如何解决?
我在尝试创建访问令牌时遇到此错误
不要使用crypt()
.拿一份paragonie/random_compat,改用random_bytes()
。
function getToken($randomIdLength = 10)
{
$token = '';
do {
$bytes = random_bytes($randomIdLength);
$token .= str_replace(
['.','/','='],
'',
base64_encode($bytes)
);
} while (strlen($token) < $randomIdLength);
return $token;
}