From 034f689f8eebcd3fd2ea961cd8263760f23c4bff Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Tue, 10 Nov 2015 22:34:48 +0100
Subject: fixes #373 ask a longer random string

to openssl_random_pseudo_bytes, to avoid reaching the base64 trailing "=" signs
---
 include/functions_session.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index aaa07fd07..533e34af3 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -71,7 +71,7 @@ function generate_key($size)
       str_replace(
         array('+', '/'),
         '',
-        base64_encode(openssl_random_pseudo_bytes($size))
+        base64_encode(openssl_random_pseudo_bytes($size+10))
         ),
       0,
       $size
@@ -260,4 +260,4 @@ function pwg_unset_session_var($var)
   return true;
 }
 
-?>
\ No newline at end of file
+?>
-- 
cgit v1.2.3