Extended session-authentication, added keying of sessions, added session houskeeping...

[hermes] / api / lib / user_functions.php

diff --git a/api/lib/user_functions.php b/api/lib/user_functions.php
index e618d4c5bdb5bd83f143dc8a4ecac65f8ebc0abd..e22412a6516ab2f80bd5d72d29895147b7ac447d 100644 (file)
--- a/api/lib/user_functions.php
+++ b/api/lib/user_functions.php
@@ -5,11 +5,16 @@ require_once('lib/db_functions.php');
 
 $config = get_config();
 
+// Default length 24 characters to provide a long password
+// that still is short enough that Cisco SPA phones can use it
 function generate_password( $length = 24 )
 {
        $string = "";
         while ( strlen( $string ) < $length )
-               $string .= substr(md5(rand().rand()), 0, $length);
+        {
+               $string .= crypt(substr(md5(rand().rand()), 0, $length));
+               $string = preg_replace( '/\W/', '', $string);
+        }
        return substr( $string, 0, $length );
 
 }
@@ -244,7 +249,7 @@ function list_users ( $search = null )
        $result = sql_dbquery( $config['provision_db'], $query );
        if ( !$result ) return null;
        $list = array();
-       while ( $row = mysql_fetch_row( $result ) )
+       while ( $row = @mysql_fetch_row( $result ) )
        {
                array_push( $list, array( "user" => $row[0], "displayname" => $row[1] ) );
        }