From 2f5c7a10b7193c6176aa3c149e9872bbb4399bf7 Mon Sep 17 00:00:00 2001
From: Arinerron
Date: Wed, 5 Apr 2017 16:16:01 -0700
Subject: [PATCH 1/2] Fix cryptographically insecure CSRF tokens
---
 web/login/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/web/login/index.php b/web/login/index.php
index 4be64ecc..d2aacefd 100644
--- a/web/login/index.php
+++ b/web/login/index.php
@@ -126,7 +126,7 @@ if (empty($_SESSION['language'])) {
 }
 // Generate CSRF token
-$_SESSION['token'] = md5(uniqid(mt_rand(), true));
+$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(16)); // generate 32-character cryptographically secure token
 require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php');
 require_once('../templates/header.html');
From cb7168f5362cd2f8d5667b33e5c9a899a116961a Mon Sep 17 00:00:00 2001
From: Arinerron
Date: Wed, 5 Apr 2017 16:18:44 -0700
Subject: [PATCH 2/2] Fix cryptographically insecure CSRF token bug
---
 web/inc/main.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/web/inc/main.php b/web/inc/main.php
index 75482cd1..1356ec35 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -59,10 +59,10 @@ if ((!isset($_SESSION['user'])) && (!defined('NO_AUTH_REQUIRED'))) {
 exit;
 }
+// Generate CSRF token
 if (isset($_SESSION['user'])) {
 if(!isset($_SESSION['token'])){
- $token = uniqid(mt_rand(), true);
- $_SESSION['token'] = $token;
+ $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(16));
 }
 }
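Review bot: `openssl_random_pseudo_bytes(16)` on the added line in web/login/index.php can return `false` on failure, and on PHP 5 it can return bytes that are not cryptographically strong unless the `$crypto_strong` out-parameter is inspected, which the new code does not do; since `bin2hex(false)` yields `''`, the session would silently carry an empty CSRF token instead of failing. The same applies to the added line in the web/inc/main.php hunk. On PHP 7+ the idiomatic form is `$_SESSION['token'] = bin2hex(random_bytes(16));`, which throws rather than degrading; if PHP 5 still has to be supported, pass the second argument and abort when it reports a non-strong result. The changed statements are top-level script code, not inside a function, and the `if (empty($_SESSION['language']))` block named in the hunk header closes at the first context line.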
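Review bot: The token generation is now written out twice, in web/inc/main.php and web/login/index.php, with different guards: main.php assigns only when `$_SESSION['token']` is unset, while the login page assigns unconditionally at top level on every load, so a logged-in user who visits the login page replaces a token that main.php's guard otherwise preserves. Consider a single helper in web/inc/main.php, e.g. `function csrf_token() { if (!isset($_SESSION['token'])) { $_SESSION['token'] = bin2hex(random_bytes(16)); } return $_SESSION['token']; }`, and call it from both places so the algorithm and the regeneration policy live in one spot. Whether the login page deliberately wants a fresh token per visit is not visible from the hunk; if it does, that intent deserves a comment on the line, since the duplicated `// Generate CSRF token` comment currently reads as the same operation in both files.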