Use the codeigniter random string generation function for creating random passwords (#680).

This commit is contained in:
Alex Tselegidis 2020-09-23 13:11:30 +03:00
parent 12c25da042
commit 683aa269b0
3 changed files with 4 additions and 22 deletions

View file

@ -99,6 +99,7 @@ class Installation extends CI_Controller {
$this->load->model('providers_model');
$this->load->library('session');
$this->load->library('migration');
$this->load->helper('string');
$admin = $this->input->post('admin');
$company = $this->input->post('company');
@ -142,7 +143,7 @@ class Installation extends CI_Controller {
$services['id'] = $this->services_model->add($services);
$salt = generate_salt();
$password = generate_random_string(100);
$password = random_string('sha1', 12);
$sample_provider = [
'first_name' => 'John',

View file

@ -83,23 +83,3 @@ function generate_salt()
$salt = hash('sha256', (uniqid(rand(), TRUE)));
return substr($salt, 0, $max_length);
}
/**
* This method generates a random string.
*
* @link http://stackoverflow.com/a/4356295/1718162
*
* @param int $length (OPTIONAL = 10) The length of the generated string.
*
* @return string Returns the randomly generated string.
*/
function generate_random_string($length = 10)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$random_string = '';
for ($i = 0; $i < $length; $i++)
{
$random_string .= $characters[rand(0, strlen($characters) - 1)];
}
return $random_string;
}

View file

@ -168,6 +168,7 @@ class User_Model extends CI_Model {
public function regenerate_password($username, $email)
{
$this->load->helper('general');
$this->load->helper('string');
$result = $this->db
->select('users.id')
@ -185,7 +186,7 @@ class User_Model extends CI_Model {
$user_id = $result->row()->id;
// Create a new password and send it with an email to the given email address.
$new_password = generate_random_string();
$new_password = random_string('sha1', 12);
$salt = $this->db->get_where('user_settings', ['id_users' => $user_id])->row()->salt;
$hash_password = hash_password($salt, $new_password);
$this->db->update('user_settings', ['password' => $hash_password], ['id_users' => $user_id]);