Some cleanup related to mt_rand()

- min and max values are 0 and mt_getrandmax() by default
- remove useless mt_srand() seed calls

system/core/Common.php

@@ -92,7 +92,7 @@ function is_really_writable($file)
 		 */
 		if (is_dir($file))
 		{
-			$file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100));
+			$file = rtrim($file, '/').'/'.md5(mt_rand());
 			if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE)
 			{
 				return FALSE;

system/core/Security.php

@@ -488,8 +488,7 @@ public function xss_hash()
 	{
 		if ($this->_xss_hash === '')
 		{
-			mt_srand();
-			$this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
+			$this->_xss_hash = md5(uniqid(mt_rand()));
 		}
 
 		return $this->_xss_hash;

system/libraries/Encrypt.php

@@ -244,7 +244,7 @@ protected function _xor_encode($string, $key)
 		$rand = '';
 		do
 		{
-			$rand .= mt_rand(0, mt_getrandmax());
+			$rand .= mt_rand();
 		}
 		while (strlen($rand) < 32);
 

system/libraries/Session/drivers/Session_cookie.php

@@ -641,7 +641,7 @@ protected function _make_sess_id()
 		$new_sessid = '';
 		do
 		{
-			$new_sessid .= mt_rand(0, mt_getrandmax());
+			$new_sessid .= mt_rand();
 		}
 		while (strlen($new_sessid) < 32);
 
@@ -832,7 +832,6 @@ protected function _sess_gc()
 		$probability = ini_get('session.gc_probability');
 		$divisor = ini_get('session.gc_divisor');
 
-		srand(time());
 		if ((mt_rand(0, $divisor) / $divisor) < $probability)
 		{
 			$expire = $this->now - $this->sess_expiration;

system/libraries/Upload.php

@@ -604,7 +604,6 @@ public function set_filename($path, $filename)
 	{
 		if ($this->encrypt_name === TRUE)
 		{
-			mt_srand();
 			$filename = md5(uniqid(mt_rand())).$this->file_ext;
 		}