From 2334a0ed0aff8ff556fe58088b7af64a83e596a8 Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov"
Date: Fri, 13 Sep 2013 19:36:56 +0400
Subject: [PATCH] Switch to a more secure method for generation of the token for request for a password restore

---
 src/messenger/webim/operator/restore.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/messenger/webim/operator/restore.php b/src/messenger/webim/operator/restore.php
index 01be3df8..a4ebbf6e 100644
--- a/src/messenger/webim/operator/restore.php
+++ b/src/messenger/webim/operator/restore.php
@@ -38,7 +38,8 @@ if (isset($_POST['loginoremail'])) {
 	}
 
 	if (count($errors) == 0) {
-		$token = md5((time() + microtime()) . rand(0, 99999999));
+
+		$token = sha1($torestore['vclogin'] . (function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(32) : (time() + microtime()) . mt_rand(0, 99999999)));
 		$link = connect();
 		$query = sprintf("update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '%s' where operatorid = %s", mysql_real_escape_string($token, $link), intval($torestore['operatorid']));