diff options
| -rw-r--r-- | phpBB/includes/captcha/plugins/captcha_abstract.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 17 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_remind.php | 2 | 
3 files changed, 22 insertions, 5 deletions
| diff --git a/phpBB/includes/captcha/plugins/captcha_abstract.php b/phpBB/includes/captcha/plugins/captcha_abstract.php index e7b8742b05..21cacd730c 100644 --- a/phpBB/includes/captcha/plugins/captcha_abstract.php +++ b/phpBB/includes/captcha/plugins/captcha_abstract.php @@ -59,7 +59,7 @@ class phpbb_default_captcha  	{  		global $user; -		$this->code = gen_rand_string(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)); +		$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));  		$this->seed = hexdec(substr(unique_id(), 4, 10));  		// compute $seed % 0x7fffffff @@ -235,7 +235,7 @@ class phpbb_default_captcha  	{  		global $db, $user; -		$this->code = gen_rand_string(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)); +		$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));  		$this->confirm_id = md5(unique_id($user->ip));  		$this->seed = hexdec(substr(unique_id(), 4, 10));  		$this->solved = 0; @@ -259,7 +259,7 @@ class phpbb_default_captcha  	{  		global $db, $user; -		$this->code = gen_rand_string(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)); +		$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));  		$this->seed = hexdec(substr(unique_id(), 4, 10));  		$this->solved = 0;  		// compute $seed % 0x7fffffff @@ -281,7 +281,7 @@ class phpbb_default_captcha  	{  		global $db, $user; -		$this->code = gen_rand_string(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)); +		$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));  		$this->seed = hexdec(substr(unique_id(), 4, 10));  		$this->solved = 0;  		// compute $seed % 0x7fffffff diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4c461b5ee8..6d2a6e685c 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -195,10 +195,27 @@ function set_config_count($config_name, $increment, $is_dynamic = false)  /**  * Generates an alphanumeric random string of given length +* +* @return string  */  function gen_rand_string($num_chars = 8)  { +	// [a, z] + [0, 9] = 36 +	return strtoupper(base_convert(unique_id(), 16, 36)); +} + +/** +* Generates a user-friendly alphanumeric random string of given length +* We remove 0 and O so users cannot confuse those in passwords etc. +* +* @return string +*/ +function gen_rand_string_friendly($num_chars = 8) +{  	$rand_str = unique_id(); + +	// Remove Z and Y from the base_convert(), replace 0 with Z and O with Y +	// [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34  	$rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34)));  	return substr($rand_str, 0, $num_chars); diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php index 0042cd9df7..cb89ad99be 100644 --- a/phpBB/includes/ucp/ucp_remind.php +++ b/phpBB/includes/ucp/ucp_remind.php @@ -79,7 +79,7 @@ class ucp_remind  			// Make password at least 8 characters long, make it longer if admin wants to.  			// gen_rand_string() however has a limit of 12 or 13. -			$user_password = gen_rand_string(max(8, rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars']))); +			$user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));  			// For the activation key a random length between 6 and 10 will do.  			$user_actkey = gen_rand_string(mt_rand(6, 10)); | 
