jan/miniflux-legacy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use function random_bytes() of PHP7 if available

Browse Source
This commit is contained in:
Frederic Guillot 2015-12-07 20:51:59 -05:00
parent af17459593
commit 0ec12c64c3
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
models/config.php
View File

@ -235,8 +235,11 @@ function check_csrf($token)
// Generate a token from /dev/urandom or with uniqid() if open_basedir is enabled // Generate a token from /dev/urandom or with uniqid() if open_basedir is enabled
function generate_token() function generate_token()
{ {
if (function_exists('openssl_random_pseudo_bytes')) { if (function_exists('random_bytes')) {
return bin2hex(openssl_random_pseudo_bytes(25)); return bin2hex(random_bytes(30));
}
else if (function_exists('openssl_random_pseudo_bytes')) {
return bin2hex(openssl_random_pseudo_bytes(30));
} }
else if (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { else if (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30)); return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));