From 4358708f1b6c4e0463597da857b36c7415ae406f Mon Sep 17 00:00:00 2001 From: Frederic Guillot Date: Sun, 15 Nov 2015 16:31:26 -0500 Subject: Use PHP7 function random_bytes() to generate tokens if available --- app/Core/Security/Token.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'app/Core/Security/Token.php') diff --git a/app/Core/Security/Token.php b/app/Core/Security/Token.php index 2bb66ef2..9fd2d02b 100644 --- a/app/Core/Security/Token.php +++ b/app/Core/Security/Token.php @@ -21,8 +21,10 @@ class Token extends Base */ public static function getToken() { - if (function_exists('openssl_random_pseudo_bytes')) { - return bin2hex(\openssl_random_pseudo_bytes(30)); + if (function_exists('random_bytes')) { + return bin2hex(random_bytes(30)); + } elseif (function_exists('openssl_random_pseudo_bytes')) { + return bin2hex(openssl_random_pseudo_bytes(30)); } elseif (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30)); } -- cgit v1.2.3