public function generateConfirmationToken()
{
if (null === $this->confirmationToken) {
$bytes = false;
if (function_exists('openssl_random_pseudo_bytes') && 0 !== stripos(PHP_OS, 'win')) {
$bytes = openssl_random_pseudo_bytes(32, $strong);
if (true !== $strong) {
$bytes = false;
}
}
// let's just hope we got a good seed
if (false === $bytes) {
$bytes = hash('sha256', uniqid(mt_rand(), true), true);
}
$this->confirmationToken = base_convert(bin2hex($bytes), 16, 36);
}
}