Stronger session ID generation

Mike Jolley 2014-05-20 11:08:31 +01:00
parent e310146ec4
commit 91f9df629d
1 changed files with 7 additions and 3 deletions


@ -111,16 +111,20 @@ class WC_Session_Handler extends WC_Session {
} }
/** /**
* generate_customer_id function. * Generate a unique customer ID for guests, or return user ID if logged in.
*
* Uses Portable PHP password hashing framework to generate a unique cryptographically strong ID.
* *
* @access public * @access public
* @return mixed * @return int|string
*/ */
public function generate_customer_id() { public function generate_customer_id() {
if ( is_user_logged_in() ) { if ( is_user_logged_in() ) {
return get_current_user_id(); return get_current_user_id();
} else { } else {
return wp_generate_password( 32, false ); require_once( ABSPATH . 'wp-includes/class-phpass.php');
$hasher = new PasswordHash( 8, false );
return md5( $hasher->get_random_bytes( 32 ) );
} }
} }
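Review bot: The guest branch of `generate_customer_id()` is only as strong as `PasswordHash::get_random_bytes()`, and as far as I know phpass silently falls back to a generator built on `md5()` and `microtime()` when `/dev/urandom` cannot be read (for example on Windows or under an `open_basedir` restriction). On such hosts the session ID would be far more predictable than the new docblock's "cryptographically strong" wording promises. The `md5()` wrapper adds no entropy; it only folds the 32 random bytes into 32 hex characters. Where the supported PHP version allows it, a source that fails loudly is safer, e.g. `return bin2hex( random_bytes( 16 ) );`, which keeps the 32-character length; otherwise the docblock should state the fallback and its limits. The enclosing class starts outside this hunk, so callers that depend on the ID format are not visible here.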