From 69abbc7ff30ffea9bb5b1f54df91d6df7a68e94e Mon Sep 17 00:00:00 2001
From: Paul Klimov <klimov.paul@gmail.com>
Date: Sat, 28 Jun 2014 19:02:53 +0300
Subject: [PATCH] Fallback at `Security::generateRandomKey()` removed

---
 framework/base/Security.php | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/framework/base/Security.php b/framework/base/Security.php
index b9bd6b652a..0354f81cf9 100644
--- a/framework/base/Security.php
+++ b/framework/base/Security.php
@@ -180,7 +180,7 @@ class Security extends Component
         $end = StringHelper::byteSubstr($data, -1, null);
         $last = ord($end);
         $n = StringHelper::byteLength($data) - $last;
-        if (StringHelper::byteSubstr($data, $n, null) == str_repeat($end, $last)) {
+        if (StringHelper::byteSubstr($data, $n, null) === str_repeat($end, $last)) {
             return StringHelper::byteSubstr($data, 0, $n);
         }
 
@@ -322,11 +322,7 @@ class Security extends Component
      */
     public function generateRandomKey($length = 32)
     {
-        if (function_exists('mcrypt_create_iv')) {
-            return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
-        }
-        $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.';
-        return substr(str_shuffle(str_repeat($chars, 5)), 0, $length);
+        return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
     }
 
     /**