Use the codeigniter random string generation function for creating random passwords (#680).

2024-11-21 23:42:21 +03:00 · 2020-09-23 13:11:30 +03:00 · 2020-09-23 13:11:30 +03:00 · 683aa269b0
commit 683aa269b0
parent 12c25da042
3 changed files with 4 additions and 22 deletions
--- a/application/controllers/Installation.php
+++ b/application/controllers/Installation.php
@ -99,6 +99,7 @@ class Installation extends CI_Controller {
            $this->load->model('providers_model');
            $this->load->library('session');
            $this->load->library('migration');
+            $this->load->helper('string');

            $admin = $this->input->post('admin');
            $company = $this->input->post('company');
@ -142,7 +143,7 @@ class Installation extends CI_Controller {
            $services['id'] = $this->services_model->add($services);

            $salt = generate_salt();
-            $password = generate_random_string(100);
+            $password = random_string('sha1', 12);

            $sample_provider = [
                'first_name' => 'John',
--- a/application/helpers/general_helper.php
+++ b/application/helpers/general_helper.php
@ -83,23 +83,3 @@ function generate_salt()
    $salt = hash('sha256', (uniqid(rand(), TRUE)));
    return substr($salt, 0, $max_length);
 }
-
-/**
- * This method generates a random string.
- *
- * @link http://stackoverflow.com/a/4356295/1718162
- *
- * @param int $length (OPTIONAL = 10) The length of the generated string.
- *
- * @return string Returns the randomly generated string.
- */
-function generate_random_string($length = 10)
-{
-    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-    $random_string = '';
-    for ($i = 0; $i < $length; $i++)
-    {
-        $random_string .= $characters[rand(0, strlen($characters) - 1)];
-    }
-    return $random_string;
-}
--- a/application/models/User_model.php
+++ b/application/models/User_model.php
@ -168,6 +168,7 @@ class User_Model extends CI_Model {
    public function regenerate_password($username, $email)
    {
        $this->load->helper('general');
+        $this->load->helper('string');

        $result = $this->db
            ->select('users.id')
@ -185,7 +186,7 @@ class User_Model extends CI_Model {
        $user_id = $result->row()->id;

        // Create a new password and send it with an email to the given email address.
-        $new_password = generate_random_string();
+        $new_password = random_string('sha1', 12);
        $salt = $this->db->get_where('user_settings', ['id_users' => $user_id])->row()->salt;
        $hash_password = hash_password($salt, $new_password);
        $this->db->update('user_settings', ['password' => $hash_password], ['id_users' => $user_id]);