Skip to content
Snippets Groups Projects
Commit 9c79079e authored by Marius Cramer's avatar Marius Cramer
Browse files

Backported password generator patch

parent 55385477
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
interface/lib/classes/auth.inc.php
+ 36
5
View file @ 9c79079e
...@@ -153,13 +153,44 @@ class auth { ...@@ -153,13 +153,44 @@ class auth {
} }
public function get_random_password($length = 8) { public function get_random_password($minLength = 8, $special = false) {
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; $minLength = $minLength || 10;
if($minLength < 8) $minLength = 8;
$maxLength = $minLength + 5;
$length = mt_rand($minLength, $maxLength);
$alphachars = "abcdefghijklmnopqrstuvwxyz";
$upperchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$numchars = "1234567890";
$specialchars = "!@#_";
$num_special = 0;
if($special == true) {
$num_special = intval(mt_rand(0, round($length / 4))) + 1;
}
$numericlen = mt_rand(1, 2);
$alphalen = $length - $num_special - $numericlen;
$upperlen = intval($alphalen / 2);
$alphalen = $alphalen - $upperlen;
$password = ''; $password = '';
for ($n=0;$n<$length;$n++) {
$password.=$base64_alphabet[mt_rand(0, 63)]; for($i = 0; $i < $alphalen; $i++) {
$password .= substr($alphachars, mt_rand(0, strlen($alphachars) - 1), 1);
}
for($i = 0; $i < $upperlen; $i++) {
$password .= substr($upperchars, mt_rand(0, strlen($upperchars) - 1), 1);
}
for($i = 0; $i < $num_special; $i++) {
$password .= substr($specialchars, mt_rand(0, strlen($specialchars) - 1), 1);
} }
return $password;
for($i = 0; $i < $numericlen; $i++) {
$password .= substr($numchars, mt_rand(0, strlen($numchars) - 1), 1);
}
return str_shuffle($password);
} }
public function crypt_password($cleartext_password) { public function crypt_password($cleartext_password) {
......
interface/web/login/password_reset.php
+ 6
2
View file @ 9c79079e
...@@ -57,7 +57,11 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != ' ...@@ -57,7 +57,11 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
$client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' AND email = '$email'"); $client = $app->db->queryOneRecord("SELECT * FROM client WHERE username = '$username' AND email = '$email'");
if($client['client_id'] > 0) { if($client['client_id'] > 0) {
$new_password = $app->auth->get_random_password(); $server_config_array = $app->getconf->get_global_config();
$min_password_length = 8;
if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];
$new_password = $app->auth->get_random_password($min_password_length, true);
$new_password_encrypted = $app->auth->crypt_password($new_password); $new_password_encrypted = $app->auth->crypt_password($new_password);
$new_password_encrypted = $app->db->quote($new_password_encrypted); $new_password_encrypted = $app->db->quote($new_password_encrypted);
...@@ -67,7 +71,7 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != ' ...@@ -67,7 +71,7 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
$app->tpl->setVar("message", $wb['pw_reset']); $app->tpl->setVar("message", $wb['pw_reset']);
$app->uses('getconf,ispcmail'); $app->uses('getconf,ispcmail');
$mail_config = $app->getconf->get_global_config('mail'); $mail_config = $server_config_array['mail'];
if($mail_config['smtp_enabled'] == 'y') { if($mail_config['smtp_enabled'] == 'y') {
$mail_config['use_smtp'] = true; $mail_config['use_smtp'] = true;
$app->ispcmail->setOptions($mail_config); $app->ispcmail->setOptions($mail_config);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment