Hi Kazuo, On Sat, Jan 7, 2017 at 9:54 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> You misunderstand the mail. > PHPMailer and uniqid() fix is unrelated, but uniqid() is misused proposed > patch in obvious way. > > >> >> What's your intention? >> > > The point we should learn from the code is, it is clear that users > misunderstand how uniqid() works. You'll find number of such usages if you > search net. There is uniqid() improvement RFC https://wiki.php.net/rfc/uniqid The proposed patch for PHPmailer proves we should improve 'more_entropy' option and enable it by default. That's my point. Enabling 'more_entropy' option by default will be handled by RFC process, but we can simply improve randomness of 'more_entropy' w/o BC for now. This is what I proposed. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net
