refactor: insecure uniqid usage

app/Helpers/TorrentTools.php

@@ -172,7 +172,7 @@ class TorrentTools
      */
     public static function getNfo($inputFile)
     {
-        $fileName = \uniqid().'.nfo';
+        $fileName = \uniqid('', true).'.nfo';
         $inputFile->move(\getcwd().'/files/tmp/', $fileName);
         if (\file_exists(\getcwd().'/files/tmp/'.$fileName)) {
             $fileContent = \file_get_contents(\getcwd().'/files/tmp/'.$fileName);

app/Http/Controllers/API/TorrentController.php

@@ -93,7 +93,7 @@ class TorrentController extends BaseController
             return $this->sendError('Validation Error.', 'You Must Provide A Valid Torrent File For Upload!');
         }
 
-        $fileName = \sprintf('%s.torrent', \uniqid()); // Generate a unique name
+        $fileName = \sprintf('%s.torrent', \uniqid('', true)); // Generate a unique name
         Storage::disk('torrents')->put($fileName, Bencode::bencode($decodedTorrent));
 
         // Find the right category

app/Http/Controllers/AlbumController.php

@@ -71,7 +71,7 @@ class AlbumController extends Controller
         $album->imdb = $request->input('imdb');
 
         $image = $request->file('cover_image');
-        $filename = 'album-cover_'.\uniqid().'.'.$image->getClientOriginalExtension();
+        $filename = 'album-cover_'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
         $path = \public_path('/files/img/'.$filename);
         Image::make($image->getRealPath())->fit(400, 225)->encode('png', 100)->save($path);
         $album->cover_image = $filename;

app/Http/Controllers/Auth/RegisterController.php

@@ -84,8 +84,8 @@ class RegisterController extends Controller
         $user->username = $request->input('username');
         $user->email = $request->input('email');
         $user->password = Hash::make($request->input('password'));
-        $user->passkey = \md5(\uniqid().\time().\microtime());
-        $user->rsskey = \md5(\uniqid().\time().\microtime().$user->password);
+        $user->passkey = \md5(\uniqid('', true).\time().\microtime());
+        $user->rsskey = \md5(\uniqid('', true).\time().\microtime().$user->password);
         $user->uploaded = \config('other.default_upload');
         $user->downloaded = \config('other.default_download');
         $user->style = \config('other.default_style', 0);

app/Http/Controllers/ImageController.php

@@ -52,7 +52,7 @@ class ImageController extends Controller
         $image->type = $request->input('type');
 
         $file = $request->file('image');
-        $random_name = \uniqid();
+        $random_name = \uniqid('', true);
         $destinationPath = \public_path('/files/img/');
         $clientOriginalExtension = $file->getClientOriginalExtension();
         $filename = 'album-image_'.$random_name.'.'.$clientOriginalExtension;

app/Http/Controllers/PlaylistController.php

@@ -86,7 +86,7 @@ class PlaylistController extends Controller
 
         if ($request->hasFile('cover_image') && $request->file('cover_image')->getError() === 0) {
             $image = $request->file('cover_image');
-            $filename = 'playlist-cover_'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'playlist-cover_'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(400, 225)->encode('png', 100)->save($path);
             $playlist->cover_image = $filename;
@@ -206,7 +206,7 @@ class PlaylistController extends Controller
 
         if ($request->hasFile('cover_image') && $request->file('cover_image')->getError() === 0) {
             $image = $request->file('cover_image');
-            $filename = 'playlist-cover_'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'playlist-cover_'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(400, 225)->encode('png', 100)->save($path);
             $playlist->cover_image = $filename;

app/Http/Controllers/Staff/ArticleController.php

@@ -63,7 +63,7 @@ class ArticleController extends Controller
 
         if ($request->hasFile('image')) {
             $image = $request->file('image');
-            $filename = 'article-'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'article-'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(75, 75)->encode('png', 100)->save($path);
             $article->image = $filename;
@@ -120,7 +120,7 @@ class ArticleController extends Controller
 
         if ($request->hasFile('image')) {
             $image = $request->file('image');
-            $filename = 'article-'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'article-'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(75, 75)->encode('png', 100)->save($path);
             $article->image = $filename;

app/Http/Controllers/Staff/CategoryController.php

@@ -68,7 +68,7 @@ class CategoryController extends Controller
 
         if ($request->hasFile('image')) {
             $image = $request->file('image');
-            $filename = 'category-'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'category-'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(50, 50)->encode('png', 100)->save($path);
             $category->image = $filename;
@@ -135,7 +135,7 @@ class CategoryController extends Controller
 
         if ($request->hasFile('image')) {
             $image = $request->file('image');
-            $filename = 'category-'.\uniqid().'.'.$image->getClientOriginalExtension();
+            $filename = 'category-'.\uniqid('', true).'.'.$image->getClientOriginalExtension();
             $path = \public_path('/files/img/'.$filename);
             Image::make($image->getRealPath())->fit(50, 50)->encode('png', 100)->save($path);
             $category->image = $filename;

app/Http/Controllers/SubtitleController.php

@@ -86,7 +86,7 @@ class SubtitleController extends Controller
     {
         $user = $request->user();
         $subtitle_file = $request->file('subtitle_file');
-        $filename = \uniqid().'.'.$subtitle_file->getClientOriginalExtension();
+        $filename = \uniqid('', true).'.'.$subtitle_file->getClientOriginalExtension();
 
         $subtitle = new Subtitle();
         $subtitle->title = $request->input('torrent_name');

app/Http/Controllers/UserController.php

@@ -527,7 +527,7 @@ class UserController extends Controller
 
         \abort_unless($request->user()->id == $user->id, 403);
 
-        $user->passkey = \md5(\uniqid().\time().\microtime());
+        $user->passkey = \md5(\uniqid('', true).\time().\microtime());
         $user->save();
 
         \cache()->forget(\sprintf('user:%s', $user->passkey));
@@ -1102,7 +1102,7 @@ class UserController extends Controller
 
         \abort_unless($request->user()->id == $user->id, 403);
 
-        $user->rsskey = \md5(\uniqid().\time().\microtime());
+        $user->rsskey = \md5(\uniqid('', true).\time().\microtime());
         $user->save();
 
         return \redirect()->route('user_security', ['username' => $user->username, 'hash' => '#rid'])