AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use PHP7 function random_bytes() to generate tokens if available

This commit is contained in:
Frederic Guillot 2015-11-15 16:31:26 -05:00
parent 5dc7a242bc
commit 4358708f1b
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -8,6 +8,7 @@ New features:
Improvements:
* Improve error handling of plugins
* Use PHP7 function random_bytes() to generate tokens if available
Internal code refactoring:

6
app/Core/Security/Token.php
View File

@ -21,8 +21,10 @@ class Token extends Base
*/
public static function getToken()
{
if (function_exists('openssl_random_pseudo_bytes')) {
return bin2hex(\openssl_random_pseudo_bytes(30));
if (function_exists('random_bytes')) {
return bin2hex(random_bytes(30));
} elseif (function_exists('openssl_random_pseudo_bytes')) {
return bin2hex(openssl_random_pseudo_bytes(30));
} elseif (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));
}