webapp/postfixadmin
1
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2025-08-06 06:42:37 +03:00
Code Activity

change generate_password() to allow for repeated characaters, which probably provides more entropy.

Browse Source
This commit is contained in:
David Goodwin
2025-06-01 15:42:09 +01:00
parent 06a2cda24b
commit ace5624508
1 changed files with 5 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
functions.inc.php
View File

@@ -882,24 +882,19 @@ function encode_header($string, $default_charset = "utf-8")
* Generate a random password of $length characters. * Generate a random password of $length characters.
* @param int $length (optional, default: 12) * @param int $length (optional, default: 12)
* @return string * @return string
*
*/ */
function generate_password($length = 12) function generate_password(int $length = 12): string
{ {
// define possible characters // define possible characters
$possible = "2345678923456789abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ"; # skip 0 and 1 to avoid confusion with O and l $possible = "2345678923456789abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ"; # skip 0 and 1 to avoid confusion with O and l
// add random characters to $password until $length is reached // add random characters to $password until $length is reached
$password = ""; $password = "";
while (strlen($password) < $length) {
$random = random_int(0, strlen($possible) - 1);
$char = substr($possible, $random, 1);
// we don't want this character if it's already in the password // note this allows for repeated characters (better entropy)
if (!strstr($password, $char)) { for ($i = 0; $i < $length; $i++) {
$password .= $char; $random = random_int(0, strlen($possible) - 1);
} $password .= substr($possible, $random, 1);
} }
return $password; return $password;