Changeset 6385
- Timestamp:
- 12/15/07 05:31:16 (9 months ago)
- Files:
-
- trunk/wp-admin/includes/schema.php (modified) (1 diff)
- trunk/wp-admin/includes/upgrade.php (modified) (1 diff)
- trunk/wp-admin/options-writing.php (modified) (1 diff)
- trunk/wp-includes/pluggable.php (modified) (1 diff)
- trunk/wp-login.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/wp-admin/includes/schema.php
r6363 r6385 225 225 226 226 // 2.0.3 227 add_option('secret', md5(uniqid(microtime())));227 add_option('secret', wp_generate_password()); 228 228 229 229 // 2.1 trunk/wp-admin/includes/upgrade.php
r6363 r6385 36 36 $user_id = username_exists($user_name); 37 37 if ( !$user_id ) { 38 $random_password = substr(md5(uniqid(microtime())), 0, 6);38 $random_password = wp_generate_password(); 39 39 $user_id = wp_create_user($user_name, $random_password, $user_email); 40 40 } else { trunk/wp-admin/options-writing.php
r6026 r6385 60 60 <fieldset class="options"> 61 61 <legend><?php _e('Post via e-mail') ?></legend> 62 <p><?php printf(__('To post to WordPress by e-mail you must set up a secret e-mail account with POP3 access. Any mail received at this address will be posted, so it’s a good idea to keep this address very secret. Here are three random strings you could use: <code>%s</code>, <code>%s</code>, <code>%s</code>.'), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5)) ?></p>62 <p><?php printf(__('To post to WordPress by e-mail you must set up a secret e-mail account with POP3 access. Any mail received at this address will be posted, so it’s a good idea to keep this address very secret. Here are three random strings you could use: <code>%s</code>, <code>%s</code>, <code>%s</code>.'), wp_generate_password(), wp_generate_password(), wp_generate_password()) ?></p> 63 63 64 64 <table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> trunk/wp-includes/pluggable.php
r6364 r6385 745 745 endif; 746 746 747 if ( !function_exists('wp_generate_password') ) : 748 /** 749 * Generates a random password drawn from the defined set of characters 750 * @return string the password 751 **/ 752 function wp_generate_password() { 753 $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; 754 $length = 7; 755 $password = ''; 756 for ( $i = 0; $i < $length; $i++ ) 757 $password .= substr($chars, mt_rand(0, 61), 1); 758 return $password; 759 } 760 endif; 747 761 ?> trunk/wp-login.php
r6364 r6385 111 111 do_action('retrieve_password', $user_login); 112 112 113 // Generate something random for a password... md5'ing current time with a rand salt113 // Generate something random for a key... 114 114 $key = substr( md5( uniqid( microtime() ) ), 0, 8); 115 // Now insert the new pass md5'dinto the db115 // Now insert the new md5 key into the db 116 116 $wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'"); 117 117 $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n"; … … 183 183 do_action('password_reset'); 184 184 185 // Generate something random for a password... md5'ing current time with a rand salt186 $new_pass = substr( md5( uniqid( microtime() ) ), 0, 7);185 // Generate something random for a password... 186 $new_pass = wp_generate_password(); 187 187 $new_hash = wp_hash_password($new_pass); 188 188 $wpdb->query("UPDATE $wpdb->users SET user_pass = '$new_hash', user_activation_key = '' WHERE ID = '$user->ID'"); … … 242 242 243 243 if ( empty( $errors ) ) { 244 $user_pass = substr( md5( uniqid( microtime() ) ), 0, 7);244 $user_pass = wp_generate_password(); 245 245 246 246 $user_id = wp_create_user( $user_login, $user_pass, $user_email );
