diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2013-06-14 14:49:39 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2013-06-14 14:49:39 +0200 |
| commit | 987c8d26bbfec753f50b50e8f16e0f5579a93e11 (patch) | |
| tree | 8e31666a55e8150a0fa0360fb8b645b0773f548a /inc | |
| parent | d628dcf33c131b3ede5c78b4550c2ba23124f432 (diff) | |
| download | rpg-987c8d26bbfec753f50b50e8f16e0f5579a93e11.tar.gz rpg-987c8d26bbfec753f50b50e8f16e0f5579a93e11.tar.bz2 | |
Increased strength of auto generated passwords a bit
If you want better random initialization and more control over the
password strength install the passpolicy plugin.
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/auth.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/inc/auth.php b/inc/auth.php index db6245e20..6107645cd 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -681,14 +681,14 @@ function auth_nameencode($name, $skip_group = false) { * The $foruser variable might be used by plugins to run additional password * policy checks, but is not used by the default implementation * - * @author Andreas Gohr <andi@splitbrain.org> - * @link http://www.phpbuilder.com/annotate/message.php3?id=1014451 + * @author Andreas Gohr <andi@splitbrain.org> + * @link http://www.phpbuilder.com/annotate/message.php3?id=1014451 * @triggers AUTH_PASSWORD_GENERATE * * @param string $foruser username for which the password is generated * @return string pronouncable password */ -function auth_pwgen($foruser='') { +function auth_pwgen($foruser = '') { $data = array( 'password' => '', 'foruser' => $foruser @@ -696,18 +696,19 @@ function auth_pwgen($foruser='') { $evt = new Doku_Event('AUTH_PASSWORD_GENERATE', $data); if($evt->advise_before(true)) { - $c = 'bcdfghjklmnprstvwz'; //consonants except hard to speak ones - $v = 'aeiou'; //vowels - $a = $c.$v; //both - - //use two syllables... - for($i = 0; $i < 2; $i++) { - $data['password'] .= $c[rand(0, strlen($c) - 1)]; - $data['password'] .= $v[rand(0, strlen($v) - 1)]; - $data['password'] .= $a[rand(0, strlen($a) - 1)]; + $c = 'bcdfghjklmnprstvwz'; //consonants except hard to speak ones + $v = 'aeiou'; //vowels + $a = $c.$v; //both + $s = '!$%&?+*~#-_:.;,'; // specials + + //use thre syllables... + for($i = 0; $i < 3; $i++) { + $data['password'] .= $c[mt_rand(0, strlen($c) - 1)]; + $data['password'] .= $v[mt_rand(0, strlen($v) - 1)]; + $data['password'] .= $a[mt_rand(0, strlen($a) - 1)]; } - //... and add a nice number - $data['password'] .= rand(10, 99); + //... and add a nice number and special + $data['password'] .= mt_rand(10, 99).$s[mt_rand(0, strlen($s) - 1)]; } $evt->advise_after(); |