From 26086981a24e72f283da38dbdb992f27b4135a80 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 08 Sep 2015 11:38:19 -0400
Subject: [PATCH] Improve randomness of security tokens (#1490529)

---
 program/include/rcmail.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index a7c5a91..b2ab79a 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -810,7 +810,7 @@
 
             // remove old token from the path
             $base_path = rtrim($base_path, '/');
-            $base_path = preg_replace('/\/[a-f0-9]{' . strlen($token) . '}$/', '', $base_path);
+            $base_path = preg_replace('/\/[a-zA-Z0-9]{' . strlen($token) . '}$/', '', $base_path);
 
             // this need to be full url to make redirects work
             $absolute = true;

--
Gitblit v1.9.1