From 74f5964471472583980303e562d9ec137aacb31b Mon Sep 17 00:00:00 2001
From: Savetheinternet <savetheinternet@tinyboard.org>
Date: Thu, 8 Dec 2011 14:44:33 +1100
Subject: [PATCH] use raw SHA1 to calculate anti-spam inputs

---
 inc/functions.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/inc/functions.php b/inc/functions.php
index 7dcdc088..c469a6c7 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -1061,7 +1061,8 @@
 		for($x=0;$x<$input_count;$x++) {
 			if(rand(0, 2) == 0 || $hidden_input_names_x < 0) {
 				// Use an obscure name
-				$name = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
+				$name = strtolower(substr(base64_encode(sha1(rand(), true)), 0, rand(2, 20)));
+				
 			} else {
 				// Use a pre-defined confusing name
 				$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
@@ -1077,7 +1078,7 @@
 				$inputs[$name] = rand(0, 100);
 			} else {
 				// Obscure value
-				$inputs[$name] = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
+				$inputs[$name] = substr(base64_encode(sha1(rand(), true) . sha1(rand(), true)), 0, rand(2, 54));
 			}
 		}