functions.php: use secure_hash where appropriate

inc/functions.php

@@ -11,6 +11,7 @@ if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
 
 $microtime_start = microtime(true);
 
+use Vichan\Functions\Hide;
 use Lifo\IP\IP; // for expanding IPv6 address in DNSBL()
 
 // the user is not currently logged in as a moderator
@@ -2583,11 +2584,11 @@ function rrmdir($dir) {
 function poster_id($ip, $thread) {
 	global $config;
 
-	if ($id = event('poster-id', $ip, $thread))
+	if ($id = event('poster-id', $ip, $thread)) {
 		return $id;
+	}
 
-	// Confusing, hard to brute-force, but simple algorithm
-	return substr(sha1(sha1($ip . $config['secure_trip_salt'] . $thread) . $config['secure_trip_salt']), 0, $config['poster_id_length']);
+	return \substr(Hide\secure_hash($ip . $config['secure_trip_salt'] . $thread . $config['secure_trip_salt'], false), 0, $config['poster_id_length']);
 }
 
 function generate_tripcode($name) {
@@ -2615,7 +2616,7 @@ function generate_tripcode($name) {
 		if (isset($config['custom_tripcode']["##{$trip}"]))
 			$trip = $config['custom_tripcode']["##{$trip}"];
 		else
-			$trip = '!!' . substr(crypt($trip, str_replace('+', '.', '_..A.' . substr(base64_encode(sha1($trip . $config['secure_trip_salt'], true)), 0, 4))), -10);
+			$trip = '!!' . substr(crypt($trip, str_replace('+', '.', '_..A.' . substr(Hide\secure_hash($trip . $config['secure_trip_salt'], false), 0, 4))), -10);
 	} else {
 		if (isset($config['custom_tripcode']["#{$trip}"]))
 			$trip = $config['custom_tripcode']["#{$trip}"];