increase randomness of shared url keys a bit

classes/pref/feeds.php

@@ -1891,7 +1891,7 @@ class Pref_Feeds extends Handler_Protected {
 			AND owner_uid = " . $owner_uid);
 
 		if ($this->dbh->num_rows($result) == 1) {
-			$key = $this->dbh->escape_string(uniqid());
+			$key = $this->dbh->escape_string(uniqid(base_convert(rand(), 10, 36)));
 
 			$this->dbh->query("UPDATE ttrss_access_keys SET access_key = '$key'
 				WHERE feed_id = '$feed_id' AND is_cat = $sql_is_cat

include/functions.php

@@ -3753,7 +3753,7 @@
 		if (db_num_rows($result) == 1) {
 			return db_fetch_result($result, 0, "access_key");
 		} else {
-			$key = db_escape_string(uniqid());
+			$key = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
 
 			$result = db_query("INSERT INTO ttrss_access_keys
 				(access_key, feed_id, is_cat, owner_uid)

plugins/instances/init.php

@@ -407,7 +407,7 @@ class Instances extends Plugin implements IHandler {
 
 		print "<hr/>";
 
-		$access_key = uniqid();
+		$access_key = uniqid(rand(), true);
 
 		/* Access key */
 
@@ -439,7 +439,7 @@ class Instances extends Plugin implements IHandler {
 	}
 
 	function genHash() {
-		$hash = uniqid();
+		$hash = uniqid(base_convert(rand(), 10, 36));
 
 		print json_encode(array("hash" => $hash));
 	}

plugins/share/init.php

@@ -60,7 +60,7 @@ class Share extends Plugin {
 	function newkey() {
 		$id = db_escape_string($_REQUEST['id']);
 
-		$uuid = db_escape_string(uniqid());
+		$uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
 
 		db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id'
 			AND owner_uid = " . $_SESSION['uid']);
@@ -91,7 +91,7 @@ class Share extends Plugin {
 			$ref_id = db_fetch_result($result, 0, "ref_id");
 
 			if (!$uuid) {
-				$uuid = db_escape_string(uniqid());
+				$uuid = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
 				db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param'
 					AND owner_uid = " . $_SESSION['uid']);
 			}