Generate longer more secure Keys for shareable URLs using best practice

This commit is contained in:
johnnyq
2022-12-29 16:50:57 -05:00
parent a255441bc3
commit d6d908f0b8
3 changed files with 9 additions and 9 deletions

View File

@@ -285,7 +285,7 @@ while($row = mysqli_fetch_array($sql_companies)){
mysqli_query($mysqli,"UPDATE settings SET config_invoice_next_number = $new_config_invoice_next_number WHERE company_id = $company_id");
//Generate a unique URL key for clients to access
$url_key = keygen();
$url_key = bin2hex(random_bytes(78));
mysqli_query($mysqli,"INSERT INTO invoices SET invoice_prefix = '$config_invoice_prefix', invoice_number = $new_invoice_number, invoice_scope = '$recurring_scope', invoice_date = CURDATE(), invoice_due = DATE_ADD(CURDATE(), INTERVAL $client_net_terms day), invoice_amount = '$recurring_amount', invoice_currency_code = '$recurring_currency_code', invoice_note = '$recurring_note', invoice_category_id = $category_id, invoice_status = 'Sent', invoice_url_key = '$url_key', invoice_created_at = NOW(), invoice_client_id = $client_id, company_id = $company_id");