author: Arun Persaud <arun@nubati.net> 2016-04-10 11:42:28 -0700
committer: Arun Persaud <arun@nubati.net> 2016-04-10 11:42:28 -0700
commit: fca4b445ba9fd3ca6abdd7c08a59e25b817c537b (patch)
tree: eb478659b6c6da709be1940a950834970e22b940 /include/user.php
parent: ecabf718a77ca979d16ef9d55f8db962fd3e814b (diff)
BUGFIX: fix password for password recovery (was not random enough)
The password was just a constant string, the email, and the current time. Therefore, someone could just request a new password and even without getting the email, just try out different time stamps around the time the person requested the email and recover the temporary password. Added a random string to generate the password, which should fix this.
Diffstat (limited to 'include/user.php')
-rw-r--r--  include/user.php | 3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/user.php b/include/user.php
index 19b9544..f58293e 100644
--- a/include/user.php
+++ b/include/user.php
@@ -67,7 +67,8 @@ if(myisset('forgot'))
/* create temporary password, use the fist 8 letters of a md5 hash */
$TIME = (string) time(); /* to avoid collisions */
- $hash = md5('Anewpassword'.$email.$TIME);
+ $rndstring = sha1(rand()); /* add some randomness */
+ $hash = md5('Anewpassword'.$email.$TIME.$rndstring);
$newpw = substr($hash,1,8);
$message = sprintf( _("Someone (hopefully you) requested a new password.\n".
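Review bot: the added `$rndstring = sha1(rand());` still leaves the temporary password far short of unpredictable, because `rand()` is not a cryptographic generator and only yields an integer in the range up to `getrandmax()`, so hashing it with sha1 cannot add more than roughly 31 bits of entropy and the output is a deterministic function of that small seed space. Use a CSPRNG source instead, e.g. `$rndstring = bin2hex(random_bytes(16));` on PHP 7+, or `openssl_random_pseudo_bytes()` on older versions. Note also that `$newpw = substr($hash,1,8);` keeps the password at 8 hex characters (32 bits) regardless of how much randomness goes into `$hash`, so the reset token should additionally expire after a short window and reset attempts should be rate-limited; the `$TIME` component becomes redundant once real randomness is present. Minor: the context comment reads "fist 8 letters" and should say "first".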