From 9cf6814776a989cca12cf1249460268b50ae25b2 Mon Sep 17 00:00:00 2001
From: Michael Foster <savetheinternet@tinyboard.org>
Date: Mon, 23 Sep 2013 12:53:44 +1000
Subject: [PATCH] Fix secure tripcode hardening

---
 inc/functions.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/inc/functions.php b/inc/functions.php
index 02665952..3448e7db 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -1973,14 +1973,13 @@ function generate_tripcode($name) {
 		if (isset($config['custom_tripcode']["##{$trip}"]))
 			$trip = $config['custom_tripcode']["##{$trip}"];
 		else
-			$trip = '!!' . substr(crypt($trip, $salt . $config['secure_trip_salt']), -10);
+			$trip = '!!' . substr(crypt($trip, substr(base64_encode(sha1($trip . $config['secure_trip_salt'], true)), 0, 9)), -10);
 	} else {
 		if (isset($config['custom_tripcode']["#{$trip}"]))
 			$trip = $config['custom_tripcode']["#{$trip}"];
 		else
 			$trip = '!' . substr(crypt($trip, $salt), -10);
 	}
-
 	return array($name, $trip);
 }