diff options
-rw-r--r-- | config_defaults.rb | 2 | ||||
-rwxr-xr-x | index.cgi | 9 |
2 files changed, 4 insertions, 7 deletions
diff --git a/config_defaults.rb b/config_defaults.rb index 532231b..bb12e9f 100644 --- a/config_defaults.rb +++ b/config_defaults.rb @@ -36,6 +36,8 @@ else end $conf.siteurl = "#{protocol}://#{$cgi.server_name}#{port}#{$cgi.script_name.gsub(/[^\/]*$/,"")}" +$conf.random_chars = 7 + $conf.breadcrumbs = [] $conf.header = [] $conf.footer = [] @@ -32,13 +32,8 @@ if $cgi.include?("create_poll") && $cgi.include?("poll_url") createnotice = _("Please enter a descriptive title.") else if $cgi["poll_url"] == "" - guessurl = polltitle.gsub(" ","_").gsub(/[\?\!\.]/,"") - if guessurl =~ /^[a-zA-Z0-9_-]+$/ && !File.exist?(guessurl) - pollurl = guessurl - else - chars = ("a".."z").to_a + ("1".."9").to_a - pollurl = Array.new(8){chars[rand(chars.size)]}.join - end + require "securerandom" + true while(File.exists?(pollurl = SecureRandom.urlsafe_base64($conf.random_chars))) else pollurl=$cgi["poll_url"] end |