From eb8f3d80bcf27f93c5d9e800d60231b1617536b1 Mon Sep 17 00:00:00 2001
From: paponius <palo.hmm@gmail.com>
Date: Thu, 29 Jun 2023 04:01:24 +0200
Subject: [PATCH] random_bytes() only for >PHP7 (#1066)

---
 tinyfilemanager.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/tinyfilemanager.php b/tinyfilemanager.php
index 71786c9..6f55502 100644
--- a/tinyfilemanager.php
+++ b/tinyfilemanager.php
@@ -245,7 +245,11 @@ if (defined('FM_EMBED')) {
 
 //Generating CSRF Token
 if (empty($_SESSION['token'])) {
-    $_SESSION['token'] = bin2hex(random_bytes(32));
+    if (function_exists('random_bytes')) {
+        $_SESSION['token'] = bin2hex(random_bytes(32));
+    } else {
+    	$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
+    }
 }
 
 if (empty($auth_users)) {