From 98c6c297164c94a4e2f855087dfebc86b3b3208a Mon Sep 17 00:00:00 2001
From: Vlad <site.github@mrcasual.com>
Date: Sun, 11 Dec 2016 11:53:49 -0500
Subject: [PATCH] - Limits the length of subscriber token to allow for smaller
 URL data   objects

---
 lib/Models/Subscriber.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/Models/Subscriber.php b/lib/Models/Subscriber.php
index 410345b085..b10289df99 100644
--- a/lib/Models/Subscriber.php
+++ b/lib/Models/Subscriber.php
@@ -14,8 +14,8 @@ class Subscriber extends Model {
   const STATUS_UNSUBSCRIBED = 'unsubscribed';
   const STATUS_UNCONFIRMED = 'unconfirmed';
   const STATUS_BOUNCED = 'bounced';
-
   const SUBSCRIPTION_LIMIT_COOLDOWN = 60;
+  const SUBSCRIBER_TOKEN_LENGTH = 6;
 
   function __construct() {
     parent::__construct();
@@ -154,13 +154,17 @@ class Subscriber extends Model {
 
   static function generateToken($email = null) {
     if($email !== null) {
-      return md5(AUTH_KEY.$email);
+      return substr(md5(AUTH_KEY . $email), 0, self::SUBSCRIBER_TOKEN_LENGTH);
     }
     return false;
   }
 
   static function verifyToken($email, $token) {
-    return call_user_func('hash_equals', self::generateToken($email), $token);
+    return call_user_func(
+      'hash_equals',
+      self::generateToken($email),
+      substr($token, 0, self::SUBSCRIBER_TOKEN_LENGTH)
+    );
   }
 
   static function subscribe($subscriber_data = array(), $segment_ids = array()) {