On 2010-09-20 9:46.PD, Ap.Muthu wrote: > Entropy of $key* variables: > > The $key* variables in /include/core/inc_init_main.php are string variables > only. > Are they used as int values in the PEAR and other crypt functions? > What happens to leading zeroes in the string - do they matter - or are they > stripped off and used? the $keys servers a a protection against xsrf attacks
gj. > Regards, > Ap.Muthu > >> Hi Muthu, >> >> Great! >> >> Robert >> >> >> Am Sonntag, den 19.09.2010, 15:24 +0530 schrieb Ap.Muthu: >>> Hi GJ, >>> >>> File: installer/versions.php : >>> Line 10: $rmax=getrandmax(); >>> Gives $rand a random number between 0 and 2147483647 on 32 bit installs - >>> that is 10 digits max. >>> Lines 32 to 34 place a computed default value using: >>> ( rand(1,$rmax) . rand(1,$rmax) ) * rand(1,$rmax) >>> >>> At a maximum, a 10 digit number cocatenated with another 10 digit number >>> and >>> then the resulting max 19 digit number (since the max number begins with >>> 2) >>> is multiplied with another max of 10 digit number resulting in a 27-29 >>> digit >>> number and hence the Scientific notation to fit within the 30 chars of >>> the >>> input field as the PHP variable is defaulting to a 4 byte precision >>> integer. >>> >>> Replacing the last expression with: >>> substr((rand(1,$rmax).rand(1,$rmax).rand(1,$rmax).rand(1,$rmax)), 0, >>> 32) >>> will ensure a high probability of getting a 32 digit number without >>> "Scientific Truncation". >>> >>> This has been committed in SVN 6761. >>> >>> Regards, >>> Ap.Muthu >>> >>>> Hi GJ, >>>> >>>> Can the $key* variables be hexadecimal numbers? >>>> >>>> Regards, >>>> Ap.Muthu >>>> >>>>> Hi Muthu, >>>>> >>>>> it should be 32 bits, but for php it depends heavily on the platform, >>>>> you should chekc *PHP_INT_SIZE* for that. >>>>> >>>>> can you please contact robert to set up the demo ? >>>>> he is currently maintaining the care2x.org server >>>>> >>>>> gj. >>>>> >>>>> On 2010-09-18 7:14.MD, Ap.Muthu wrote: >>>>>> Hi GJ, >>>>>> >>>>>> Thanks for the info. >>>>>> What is the size /length restriction of the $key* variables? >>>>>> Each install can have random values. >>>>>> I am trying to make a single click install of care2x (OpenVZ) to >>>>>> demonstrate >>>>>> it's usability and help getting feedback from the community. >>>>>> >>>>>> Regards, >>>>>> Ap.Muthu >>>>>> >>>>>>> Hi Muthu, >>>>>>> >>>>>>> >>>>>>> On 2010-09-18 6:18.MD, Ap.Muthu wrote: >>>>>>>> Hi Robert, >>>>>>>> >>>>>>>> What is the allowed charset for $key, $key_2level and $key_login in >>>>>>>> /include/core/inc_init_main.php ? >>>>>>>> >>>>>>> the allowed charset is only numeric, but strangely on trunk i see >>>>>>> scientific numbering there >>>>>>> >>>>>>>> The SVN 6753 seemed to change the default Time Zone from >>>>>>>> Africa/Abidjan >>>>>>>> to >>>>>>>> to Europe/Rome and the keys from Scientific numbering to long >>>>>>>> integers. >>>>>>>> >>>>>>> it depends on the value given during the setup >>>>>>> check out file inc_init_main.php.dist in the installer dir, the last >>>>>>> line should be >>>>>>> $timezone = 'TIMEZONE'; >>>>>>> >>>>>>> gj. >>>>>>>> There is an acive Care2x clone in Venezuela and their release is >>>>>>>> Synapsis >>>>>>>> v2.3 available at: >>>>>>>> http://forja.softwarelibre.gob.ve/frs/?group_id=31 >>>>>>>> Download: >>>>>>>> http://forja.softwarelibre.gob.ve/frs/download.php/143/Sinapsis.tar.gz >>>>>>>> 32 MB >>>>>>>> >>>>>>>> Browse their SVN at: >>>>>>>> http://forja.softwarelibre.gob.ve/scm/browser.php?group_id=31 >>>>>>>> >>>>>>>> I got the blue_aqua icons/buttons from there. >>>>>>>> >>>>>>>> Thanks for the nursing fix.... >>>>>>>> >>>>>>>> Regards, >>>>>>>> Ap.Muthu >>> >>> >>> ------------------------------------------------------------------------------ >>> Start uncovering the many advantages of virtual appliances >>> and start using them to simplify application deployment and >>> accelerate your shift to cloud computing. >>> http://p.sf.net/sfu/novell-sfdev2dev >>> _______________________________________________ >>> Care2002-developers mailing list >>> Care2002-developers@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/care2002-developers >> -- >> -- >> -------------------------------------------- >> CARE2X - free Integ Hospital Info System >> https://sourceforge.net/projects/care2002/ >> http://www.care2x.org >> >> >> ------------------------------------------------------------------------------ >> Start uncovering the many advantages of virtual appliances >> and start using them to simplify application deployment and >> accelerate your shift to cloud computing. >> http://p.sf.net/sfu/novell-sfdev2dev >> _______________________________________________ >> Care2002-developers mailing list >> Care2002-developers@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/care2002-developers >> > > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > _______________________________________________ > Care2002-developers mailing list > Care2002-developers@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/care2002-developers ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Care2002-developers mailing list Care2002-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/care2002-developers
