We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent dbb2673 commit f20970dCopy full SHA for f20970d
libraries/session.inc.php
@@ -13,6 +13,8 @@
13
exit;
14
}
15
16
+require PHPSECLIB_INC_DIR . '/Crypt/Random.php';
17
+
18
// verify if PHP supports session, die if it does not
19
20
if (!@function_exists('session_name')) {
@@ -111,7 +113,7 @@
111
113
* (we use "space PMA_token space" to prevent overwriting)
112
114
*/
115
if (! isset($_SESSION[' PMA_token '])) {
- $_SESSION[' PMA_token '] = md5(uniqid(rand(), true));
116
+ $_SESSION[' PMA_token '] = bin2hex(phpseclib\Crypt\Random::string(16));
117
118
119
/**
@@ -130,5 +132,5 @@ function PMA_secureSession()
130
132
) {
131
133
session_regenerate_id(true);
134
135
136
0 commit comments