From f978c1b83e9dcb3cab0a0bc52ad8900fb3ac86d4 Mon Sep 17 00:00:00 2001
From: Kitty Cat <ki@tty.sh>
Date: Wed, 3 May 2017 20:28:54 -0400
Subject: [PATCH] Use random_bytes() to generate IV where available (PHP 7.x)

---
 inc/mod/auth.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/inc/mod/auth.php b/inc/mod/auth.php
index 42f34196..2a264f18 100644
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@@ -70,7 +70,11 @@ function test_password($password, $salt, $test) {
 
 function generate_salt() {
 	// 128 bits of entropy
-	return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
+	if (function_exists('random_bytes')) {
+		return strtr(base64_encode(random_bytes(16)), '+', '.');
+	} else {
+		return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
+	}
 }
 
 function login($username, $password) {