Mibew/mibew
1
0
Fork 0
mirror of https://github.com/Mibew/mibew.git synced 2025-02-08 00:34:42 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Make CSRF token more secure

Browse Source
This commit is contained in:
Fedor A. Fetisov 2013-10-29 02:41:17 +04:00
parent a6d1008242
commit 58e8dcd5f6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/mibew/libs/common/csrf.php
View File

@ -55,7 +55,7 @@ function print_csrf_token_in_url()
function setcsrftoken()
{
if (!isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = sha1(rand(10000000, 99999999));
$_SESSION['csrf_token'] = sha1(session_id() . (function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(32) : (time() + microtime()) . mt_rand(0, 99999999)));
}
}