From: Jon Langseth Date: Sat, 21 Jan 2012 01:37:56 +0000 (+0100) Subject: Brainfart, the new generate_password caused all passwords to have the same leading... X-Git-Url: https://git.defcon.no/?a=commitdiff_plain;h=49718d337c37e2a3c06d751dc980fe9401277c2a;hp=f48343d880910f4466072e8c10983685d3e75331;p=hermes Brainfart, the new generate_password caused all passwords to have the same leading char --- diff --git a/api/lib/user_functions.php b/api/lib/user_functions.php index e22412a..5aa1cfb 100644 --- a/api/lib/user_functions.php +++ b/api/lib/user_functions.php @@ -12,10 +12,10 @@ function generate_password( $length = 24 ) $string = ""; while ( strlen( $string ) < $length ) { - $string .= crypt(substr(md5(rand().rand()), 0, $length)); - $string = preg_replace( '/\W/', '', $string); + $string .= crypt(substr(md5(rand().rand()), 0, $length+1)); + $string = preg_replace( '/\W/', '', $string+1); } - return substr( $string, 0, $length ); + return substr( $string, 1, $length ); }