From da45e1c7a6bfb079e5f5d9deb814b35dd5c39c67 Mon Sep 17 00:00:00 2001 From: Jon Langseth Date: Wed, 18 Jan 2012 21:54:46 +0100 Subject: [PATCH] The generate_password function gave quite simple passwords (all hex values) --- api/lib/user_functions.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/api/lib/user_functions.php b/api/lib/user_functions.php index 3a53c88..e22412a 100644 --- a/api/lib/user_functions.php +++ b/api/lib/user_functions.php @@ -5,11 +5,16 @@ require_once('lib/db_functions.php'); $config = get_config(); +// Default length 24 characters to provide a long password +// that still is short enough that Cisco SPA phones can use it function generate_password( $length = 24 ) { $string = ""; while ( strlen( $string ) < $length ) - $string .= substr(md5(rand().rand()), 0, $length); + { + $string .= crypt(substr(md5(rand().rand()), 0, $length)); + $string = preg_replace( '/\W/', '', $string); + } return substr( $string, 0, $length ); } -- 2.39.2