Skip to content
Permalink
Browse files
Merge pull request #1438 from michaellrowley/security-patch
  • Loading branch information
star7th committed Aug 3, 2021
2 parents 034328a + db53edb commit 4b962c1740311e0d46775023b6acba39ad60e370
Showing with 2 additions and 2 deletions.
  1. +2 −2 server/Application/Api/Controller/AdminSettingController.class.php
@@ -166,7 +166,7 @@ public function getLoginSecretKey(){
$this->checkAdmin();
$login_secret_key = D("Options")->get("login_secret_key") ;
if(!$login_secret_key){
$login_secret_key = md5("rgrsfsrfsrf".time().rand(1,9000000000000000).uniqid());
$login_secret_key = bin2hex( random_bytes( 16 ) );
D("Options")->set("login_secret_key",$login_secret_key) ;
}
$this->sendResult(array("login_secret_key"=>$login_secret_key));
@@ -176,7 +176,7 @@ public function getLoginSecretKey(){
public function resetLoginSecretKey(){
$login_user = $this->checkLogin();
$this->checkAdmin();
$login_secret_key = md5("rgrsfsrfsrf".time().rand(1,9000000000000000).uniqid());
$login_secret_key = bin2hex( random_bytes( 16 ) );
D("Options")->set("login_secret_key",$login_secret_key) ;
$this->sendResult(array("login_secret_key"=>$login_secret_key));

0 comments on commit 4b962c1

Please sign in to comment.