From 4a5827ea3d82259c5f77a1b3c8ca7eb6a50cc514 Mon Sep 17 00:00:00 2001
From: Pellaeon Lin <nfsmwlin@gmail.com>
Date: Wed, 6 May 2015 22:46:26 +0800
Subject: [PATCH] Update# use \OCP\Security\ISecureRandom to generate random
 string

---
 app/registration.php | 3 ++-
 db/pendingregist.php | 9 +++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/app/registration.php b/app/registration.php
index 9bbb677..6afed71 100644
--- a/app/registration.php
+++ b/app/registration.php
@@ -71,7 +71,8 @@ class Registration extends App {
 		});
 
 		$container->registerService('PendingRegist', function($c) {
-			return new PendingRegist($c->query('ServerContainer')->getDb());
+			return new PendingRegist($c->query('ServerContainer')->getDb(),
+				$c->query('ServerContainer')->getSecureRandom()->getMediumStrengthGenerator());
 		});
 	}
 
diff --git a/db/pendingregist.php b/db/pendingregist.php
index c46e7cc..fb190a7 100644
--- a/db/pendingregist.php
+++ b/db/pendingregist.php
@@ -4,19 +4,24 @@ namespace OCA\Registration\Db;
 use \OCP\IDb;
 use \OCP\Util;
 use \OCP\Config;
+use \OCP\Security\ISecureRandom;
 
 class PendingRegist {
 
 	private $db;
 
-	public function __construct(IDb $db) {
+	/** @var \OCP\Security\ISecureRandom */
+	protected $random;
+
+	public function __construct(IDb $db, ISecureRandom $random) {
 		$this->db = $db;
+		$this->random = $random;
 	}
 
 	public function save($email) {
 		$query = $this->db->prepareQuery( 'INSERT INTO `*PREFIX*registration`'
 			.' ( `email`, `token`, `requested` ) VALUES( ?, ?, NOW() )' );
-		$token = hash('sha256', Util::generateRandomBytes(30).Config::getSystemValue('passwordsalt', ''));
+		$token = $this->random->generate(30);
 		$query->execute(array( $email, $token ));
 		return $token;
 	}