diff options
Diffstat (limited to 'it_session.class')
| -rw-r--r-- | it_session.class | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/it_session.class b/it_session.class index af26082..e8c856c 100644 --- a/it_session.class +++ b/it_session.class @@ -161,7 +161,7 @@ function set_valid($valid = true, $login_identifier_required = false, $login_ide } else { - $this->cookie = md5(uniqid(rand())); /* random garbage */ + $this->cookie = bin2hex(random_bytes(16)); /* random garbage */ $result = !$valid; /* Setting to invalid succeeded or setting to valid failed */ } @@ -189,7 +189,7 @@ function create_login_identifier() { if (!$this->cookie) { - $this->cookie = md5(uniqid(rand())); /* random garbage */ + $this->cookie = bin2hex(random_bytes(16)); /* random garbage */ it::setcookie($this->cookiename, $this->cookie, [ 'expires' => _IT_SESSION_COOKIE_EXPIRY, 'path' => "/", 'domain' => $this->domain, 'secure' => $this->ssl, 'httponly' => true, 'samesite' => _IT_USER_COOKIE_SAMESITE ]); } |