Commit ffb04de2 authored by Marius Cramer's avatar Marius Cramer

- Changed password generation function

- Fixed password length in lost password function
parent 3299ad41
+36 −5
@@ -174,13 +174,44 @@ class auth {
		
	}

	public function get_random_password($length = 8) {
		$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
	public function get_random_password($minLength = 8, $special = false) {
		$minLength = $minLength || 10;
		if($minLength < 8) $minLength = 8;
		$maxLength = $minLength + 5;
		$length = mt_rand($minLength, $maxLength);
		
		$alphachars = "abcdefghijklmnopqrstuvwxyz";
		$upperchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
		$numchars = "1234567890";
		$specialchars = "!@#_";
		
		$num_special = 0;
		if($special == true) {
			$num_special = intval(mt_rand(0, round($length / 4))) + 1;
		}
		$numericlen = mt_rand(1, 2);
		$alphalen = $length - $num_special - $numericlen;
		$upperlen = intval($alphalen / 2);
		$alphalen = $alphalen - $upperlen;
		$password = '';
		for ($n=0;$n<$length;$n++) {
			$password.=$base64_alphabet[mt_rand(0, 63)];
		
		for($i = 0; $i < $alphalen; $i++) {
			$password .= substr($alphachars, mt_rand(0, strlen($alphachars) - 1), 1);
		}
		return $password;
		
		for($i = 0; $i < $upperlen; $i++) {
			$password .= substr($upperchars, mt_rand(0, strlen($upperchars) - 1), 1);
		}
		
		for($i = 0; $i < $num_special; $i++) {
			$password .= substr($specialchars, mt_rand(0, strlen($specialchars) - 1), 1);
		}
		
		for($i = 0; $i < $numericlen; $i++) {
			$password .= substr($numchars, mt_rand(0, strlen($numchars) - 1), 1);
		}
		
		return str_shuffle($password);
	}

	public function crypt_password($cleartext_password) {
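Review bot: `$minLength = $minLength || 10;` does not supply a default in PHP, because `||` yields a boolean, so `$minLength` becomes `true` whatever the caller passed. The `if($minLength < 8)` floor then compares two booleans and never fires, `$maxLength` works out to 6, and `mt_rand($minLength, $maxLength)` draws the length from about 1 to 6; for short lengths `$alphalen` goes negative and the letter loops do not run at all. Replacing both lines with `$minLength = max(8, intval($minLength));` gives the intended floor and honours the configured minimum. Separately, `mt_rand()` and `str_shuffle()` are not cryptographically secure generators; for a password issued by the reset flow, `random_int()` (PHP 7 and later) for both the character picks and the shuffle would be the safer choice where the supported runtime allows it.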
+6 −2
@@ -60,7 +60,11 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
		$app->tpl->setVar("error", $wb['lost_password_function_disabled_txt']);
	} else {
		if($client['client_id'] > 0) {
			$new_password = $app->auth->get_random_password();
			$server_config_array = $app->getconf->get_global_config();
			$min_password_length = 8;
			if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];
			
			$new_password = $app->auth->get_random_password($min_password_length, true);
			$new_password_encrypted = $app->auth->crypt_password($new_password);

			$username = $client['username'];
@@ -69,7 +73,7 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
			$app->tpl->setVar("message", $wb['pw_reset']);

			$app->uses('getconf,ispcmail');
			$mail_config = $app->getconf->get_global_config('mail');
			$mail_config = $server_config_array['mail'];
			if($mail_config['smtp_enabled'] == 'y') {
				$mail_config['use_smtp'] = true;
				$app->ispcmail->setOptions($mail_config);
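Review bot: The new `$app->getconf->get_global_config()` call in the first hunk runs before `$app->uses('getconf,ispcmail')`, which still sits in the second hunk; unless getconf is already loaded earlier in the file (not visible here), a `$app->uses('getconf');` should precede the config read. The configured value is also handed to the generator as-is, so `$min_password_length = intval($server_config_array['misc']['min_password_length']);` would keep a non-numeric setting out of it. `$server_config_array['mail']` is read without the `isset` guard that the `misc` key gets, so a missing mail section would presumably surface as a notice and a null `$mail_config`. The enclosing `if` block starts and ends outside these hunks.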