diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2011-01-23 11:15:33 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2011-01-23 11:15:33 +0100 |
| commit | 62bbd5ef5f25e1d89d67a00cc3b51a954013d7cb (patch) | |
| tree | eb9070ea8cd4afc88dbf53fcf009f14ad9fe18c3 /inc/PassHash.class.php | |
| parent | 52c9860c6e3a36b884ca186f1c9ea3d7acdf2b13 (diff) | |
| download | rpg-62bbd5ef5f25e1d89d67a00cc3b51a954013d7cb.tar.gz rpg-62bbd5ef5f25e1d89d67a00cc3b51a954013d7cb.tar.bz2 | |
use a bigger range of characters for password salts
Diffstat (limited to 'inc/PassHash.class.php')
| -rw-r--r-- | inc/PassHash.class.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php index c4a6d78d0..cb46c5928 100644 --- a/inc/PassHash.class.php +++ b/inc/PassHash.class.php @@ -77,11 +77,13 @@ class PassHash { /** * Create a random salt * - * @todo use full range of characters instead of hex values only * @param int $len - The length of the salt */ public function gen_salt($len=32){ - return substr(md5(uniqid(rand(), true)),0,$len); + $salt = ''; + $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; + for($i=0;$i<$len,$i++;) $salt .= $chars[mt_rand(0,61)]; + return $salt; } /** |