--- functions.php.orig	2022-08-07 14:13:40.000000000 +0200
+++ functions.php	2022-12-17 14:49:47.083703256 +0100
@@ -21,6 +21,7 @@
 define('DOCDIR',sprintf('%s/',realpath(LIBDIR.'../doc/')));
 define('HOOKSDIR',sprintf('%s/',realpath(LIBDIR.'../hooks/')));
 define('JSDIR','js/');
+define('SESSION_CIPHER','aes256-gcm');
 
 /**
  * Supplimental functions
@@ -769,11 +770,10 @@
 	if (! trim($secret))
 		return $data;
 
-	if (! empty($data) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
-		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
-		return openssl_encrypt($data, 'bf-ecb', substr($secret,0,$keylen));
+	if (! empty($data) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
+		return openssl_encrypt($data, SESSION_CIPHER, substr($secret,0,$keylen));
 	}
-
 /*
 	if (function_exists('mcrypt_module_open') && ! empty($data)) {
 		$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
@@ -831,9 +831,9 @@
 	if (! trim($secret))
 		return $encdata;
 
-	if (! empty($encdata) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
-		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
-		return trim(openssl_decrypt($encdata, 'bf-ecb', substr($secret,0,$keylen)));
+	if (! empty($encdata) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
+		return trim(openssl_decrypt($encdata, SESSION_CIPHER, substr($secret,0,$keylen)));
 	}
 
 /*