Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Generate unsubscribe tokens

Browse Source
This commit is contained in:
Amine Ben hammou
2019-07-23 11:57:59 +01:00
committed by M. Shull
parent 531173014a
commit 33f442df9f
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/Util/Security.php
View File

@@ -5,14 +5,20 @@ use MailPoet\WP\Functions as WPFunctions;
class Security {
const HASH_LENGTH = 12;
const UNSUBSCRIBE_TOKEN_LENGTH = 15;
static function generateToken($action = 'mailpoet_token') {
return WPFunctions::get()->wpCreateNonce($action);
}
/**
* Generate random lowercase alphanumeric string.
* 1 lowercase alphanumeric character = 6 bits (because log2(36) = 5.17)
* So 3 bytes = 4 characters
*/
static function generateRandomString($length = 5) {
$length = max(5, (int)$length);
$string = bin2hex(random_bytes($length)); // phpcs:ignore
$string = base_convert(bin2hex(random_bytes(ceil(3 * $length / 4))), 16, 36); // phpcs:ignore
return substr($string, 0, $length);
}
@@ -28,4 +34,14 @@ class Security {
$length
);
}
static public function generateUnsubscribeToken($model) {
$token = self::generateRandomString(self::UNSUBSCRIBE_TOKEN_LENGTH);
$found = $model::whereEqual('unsubscribe_token', $token)->count();
while ($found > 0) {
$token = self::generateRandomString(self::UNSUBSCRIBE_TOKEN_LENGTH);
$found = $model::whereEqual('unsubscribe_token', $token)->count();
}
return $token;
}
}