wfRandomString: Correct bias toward digits 1-7
Two problems with a single line of code:
* dechex() does not include leading zeros, so the first digit
generated in each iteration cannot be zero unless the return
value of mt_rand() is 0.
This also means wfRandomString() is extremely unlikely to
start a string with '0'.
* mt_rand() does not actually uniformly distribute values over
[0,2^32-1]; it actually right-shifts one of the bits off (just
because "[...] the previous php_rand only returns 31 at most"),
so the maximum value is 0x7fffffff, not 0xffffffff.
This means wfRandomString() will never start a string with
any of the digits 8-f.
Including leading zeros and using only the 28 LSBs to form seven
hex digits at a time is the simplest fix.
Change-Id: Ic19b5b97c582485780b24fd35ffef2111cc8b3ca
dépôts / lhc / web / wiklou.git / commit