rfc:functiongetentropy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
rfc:functiongetentropy [2008/11/30 02:49]
preinheimer created
rfc:functiongetentropy [2017/09/22 13:28] (current)
Line 3: Line 3:
   * Date: 2008-11-29   * Date: 2008-11-29
   * Author: Paul Reinheimer <preinheimer@php.net>   * Author: Paul Reinheimer <preinheimer@php.net>
-  * Status: in the works+  * Status: Declined
  
  
Line 21: Line 21:
 <?php <?php
 $nonce = unpack('h', getEntropy(128)); $nonce = unpack('h', getEntropy(128));
-echo '<input type="hidden" name="csrf" value="' . $nonce . '">;+echo '<input type="hidden" name="csrf" value="' . $nonce . '">';
 $_SESSION['csrf'] = $nonce; $_SESSION['csrf'] = $nonce;
 </code> </code>
  
 +===== Changelog =====
 +Declined, as having http://php.net/openssl_random_pseudo_bytes makes this RFC obsolete.
rfc/functiongetentropy.1228013347.txt.gz · Last modified: 2017/09/22 13:28 (external edit)