- added possibility to set a minimum password length for all passwords (does not count for old passwords already saved), fixes #59

- set version to 0.9.3-svn1
2010-03-17 07:51:16 +00:00
parent f9d84a09f1
commit c1de55f3d5
13 changed files with 103 additions and 9 deletions
--- a/index.php
+++ b/index.php
@@ -240,7 +240,18 @@ if($action == 'forgotpwd')
 		{
 			if($user !== false)
 			{
-				$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+				if ($settings['panel']['password_min_length'] <= 6) {
+					$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+				} else {
+					// make it two times larger than password_min_length
+					$rnd = '';
+					$minlength = $settings['panel']['password_min_length'];
+					while (strlen($rnd) < ($minlength * 2))
+					{
+						$rnd .= md5(uniqid(microtime(), 1));
+					}
+					$password = substr($rnd, (int)($minlength / 2), $minlength);
+				}

 				if($adminchecked)
 				{