summaryrefslogtreecommitdiff
path: root/app/Core/Security/Token.php
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2015-11-15 16:31:26 -0500
committerFrederic Guillot <fred@kanboard.net>2015-11-15 16:31:26 -0500
commit4358708f1b6c4e0463597da857b36c7415ae406f (patch)
tree53070a2c14aa4f76eb525ada78d3e5407d282711 /app/Core/Security/Token.php
parent5dc7a242bc3100b3834722c097d8b241a4fd1e65 (diff)
Use PHP7 function random_bytes() to generate tokens if available
Diffstat (limited to 'app/Core/Security/Token.php')
-rw-r--r--app/Core/Security/Token.php6
1 files changed, 4 insertions, 2 deletions
diff --git a/app/Core/Security/Token.php b/app/Core/Security/Token.php
index 2bb66ef2..9fd2d02b 100644
--- a/app/Core/Security/Token.php
+++ b/app/Core/Security/Token.php
@@ -21,8 +21,10 @@ class Token extends Base
*/
public static function getToken()
{
- if (function_exists('openssl_random_pseudo_bytes')) {
- return bin2hex(\openssl_random_pseudo_bytes(30));
+ if (function_exists('random_bytes')) {
+ return bin2hex(random_bytes(30));
+ } elseif (function_exists('openssl_random_pseudo_bytes')) {
+ return bin2hex(openssl_random_pseudo_bytes(30));
} elseif (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));
}