From 2b3fbecd492ae54b4ae483a45d5ee8b02a0e2251 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sat, 22 Dec 2018 18:15:49 +0100
Subject: [PATCH] Fix when random_int is not available

---
 htdocs/core/lib/security2.lib.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 99433eb745f..c09cd7f78d3 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -514,7 +514,14 @@ function getRandomPassword($generic=false, $replaceambiguouschars=null)
 	{
 		$numbers = "ABCDEF";
 		$max = strlen($numbers) - 1;
-		$generated_password=str_replace($replaceambiguouschars, $numbers{random_int(0, $max)}, $generated_password);
+		if (function_exists('random_int'))	// Cryptographic random
+		{
+			$generated_password=str_replace($replaceambiguouschars, $numbers{random_int(0, $max)}, $generated_password);
+		}
+		else
+		{
+			$generated_password=str_replace($replaceambiguouschars, $numbers{mt_rand(0, $max)}, $generated_password);
+		}
 	}
 
 	return $generated_password;