diff options
author | David Rothstein <drothstein@gmail.com> | 2013-11-20 15:45:59 -0500 |
---|---|---|
committer | David Rothstein <drothstein@gmail.com> | 2013-11-20 15:45:59 -0500 |
commit | 782d1155c62c0a879bf587c7e40c3a13bcf6879c (patch) | |
tree | 380060c81a7ebd76870cfd7fb566933b3a7c6efd /includes/session.inc | |
parent | bf704d6ffe55d66a440a55a9d43e8846d46d2440 (diff) | |
download | brdo-782d1155c62c0a879bf587c7e40c3a13bcf6879c.tar.gz brdo-782d1155c62c0a879bf587c7e40c3a13bcf6879c.tar.bz2 |
Drupal 7.24
Diffstat (limited to 'includes/session.inc')
-rw-r--r-- | includes/session.inc | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/includes/session.inc b/includes/session.inc index 16727df6d..9589e06fc 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -263,10 +263,10 @@ function drupal_session_initialize() { // Less random sessions (which are much faster to generate) are used for // anonymous users than are generated in drupal_session_regenerate() when // a user becomes authenticated. - session_id(drupal_hash_base64(uniqid(mt_rand(), TRUE))); + session_id(drupal_random_key()); if ($is_https && variable_get('https', FALSE)) { $insecure_session_name = substr(session_name(), 1); - $session_id = drupal_hash_base64(uniqid(mt_rand(), TRUE)); + $session_id = drupal_random_key(); $_COOKIE[$insecure_session_name] = $session_id; } } @@ -360,7 +360,7 @@ function drupal_session_regenerate() { $old_insecure_session_id = $_COOKIE[$insecure_session_name]; } $params = session_get_cookie_params(); - $session_id = drupal_hash_base64(uniqid(mt_rand(), TRUE) . drupal_random_bytes(55)); + $session_id = drupal_random_key(); // If a session cookie lifetime is set, the session will expire // $params['lifetime'] seconds from the current request. If it is not set, // it will expire when the browser is closed. @@ -372,7 +372,7 @@ function drupal_session_regenerate() { if (drupal_session_started()) { $old_session_id = session_id(); } - session_id(drupal_hash_base64(uniqid(mt_rand(), TRUE) . drupal_random_bytes(55))); + session_id(drupal_random_key()); if (isset($old_session_id)) { $params = session_get_cookie_params(); |