The generate_password function gave quite simple passwords (all hex values)

author Jon Langseth <jon.langseth@lilug.no>

Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)

committer Jon Langseth <jon.langseth@lilug.no>

Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)
author Jon Langseth <jon.langseth@lilug.no>
Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)
committer Jon Langseth <jon.langseth@lilug.no>
Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)
diff --git a/api/lib/user_functions.php b/api/lib/user_functions.php

index 3a53c88582967c099745c638737e799eea5efc6d..e22412a6516ab2f80bd5d72d29895147b7ac447d 100644 (file)
--- a/api/lib/user_functions.php
+++ b/api/lib/user_functions.php
@@ -5,11 +5,16 @@ require_once('lib/db_functions.php');
  
  $config = get_config();
  
+// Default length 24 characters to provide a long password
+// that still is short enough that Cisco SPA phones can use it
  function generate_password( $length = 24 )
  {
         $string = "";
          while ( strlen( $string ) < $length )
-               $string .= substr(md5(rand().rand()), 0, $length);
+        {
+               $string .= crypt(substr(md5(rand().rand()), 0, $length));
+               $string = preg_replace( '/\W/', '', $string);
+        }
         return substr( $string, 0, $length );
  
  }
author	Jon Langseth <jon.langseth@lilug.no>
	Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)
committer	Jon Langseth <jon.langseth@lilug.no>
	Wed, 18 Jan 2012 20:54:46 +0000 (21:54 +0100)