From 242ad5fec5bfc114f7c5c4402b8237be0a67005d Mon Sep 17 00:00:00 2001
From: Benjamin Southall <applemansigloo@gmail.com>
Date: Tue, 26 Feb 2019 10:58:36 +1000
Subject: [PATCH] Handle mcrypt_create_iv deprectation by using randombytes in
 newer PHP versions

---
 inc/mod/auth.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/inc/mod/auth.php b/inc/mod/auth.php
index 2a264f18..5705c8a2 100644
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@@ -69,12 +69,13 @@ function test_password($password, $salt, $test) {
 }
 
 function generate_salt() {
-	// 128 bits of entropy
-	if (function_exists('random_bytes')) {
-		return strtr(base64_encode(random_bytes(16)), '+', '.');
-	} else {
+	// mcrypt_create_iv() was deprecated in PHP 7.1.0, only use it if we're below that version number.
+	if (PHP_VERSION_ID < 70100) {
+		// 128 bits of entropy
 		return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
 	}
+	// Otherwise, use random_bytes()
+	return strtr(base64_encode(random_bytes(16)), '+', '.');
 }
 
 function login($username, $password) {
@@ -210,8 +211,8 @@ function check_login($prompt = false) {
 		}
 		
 		$mod = array(
-			'id' => $user['id'],
-			'type' => $user['type'],
+			'id' => (int)$user['id'],
+			'type' => (int)$user['type'],
 			'username' => $cookie[0],
 			'boards' => explode(',', $user['boards'])
 		);