From 8bb1551f7abb499ce04597dbf606b169fb35efd7 Mon Sep 17 00:00:00 2001 From: "Fedor A. Fetisov" Date: Fri, 13 Sep 2013 20:18:47 +0400 Subject: [PATCH] Switch to a more secure method for generation of the thread token --- src/messenger/webim/libs/chat.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/messenger/webim/libs/chat.php b/src/messenger/webim/libs/chat.php index 15a83230..70004a3e 100644 --- a/src/messenger/webim/libs/chat.php +++ b/src/messenger/webim/libs/chat.php @@ -40,7 +40,7 @@ $kind_to_string = array($kind_user => "user", $kind_agent => "agent", $kind_for_ function next_token() { - return rand(99999, 99999999); + return function_exists('openssl_random_pseudo_bytes') ? hexdec(bin2hex(openssl_random_pseudo_bytes(4))) : mt_rand(99999, 99999999); } function next_revision($link)