[wp-cvs] wordpress wp-login.php,1.49,1.50
Matthew Mullenweg
saxmatt at users.sourceforge.net
Wed Dec 22 02:41:35 UTC 2004
Update of /cvsroot/cafelog/wordpress
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25641
Modified Files:
wp-login.php
Log Message:
Make reset passwords use the same randomness we do in install.php. Hat tip: swoolley.
Index: wp-login.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-login.php,v
retrieving revision 1.49
retrieving revision 1.50
diff -C2 -d -r1.49 -r1.50
*** wp-login.php 19 Dec 2004 18:43:44 -0000 1.49
--- wp-login.php 22 Dec 2004 02:41:32 -0000 1.50
***************
*** 81,85 ****
// Generate something random for a password... md5'ing current time with a rand salt
! $user_pass = substr( MD5('time' . rand(1, 16000) ), 0, 6);
// now insert the new pass md5'd into the db
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$user_pass') WHERE user_login = '$user_login'");
--- 81,85 ----
// Generate something random for a password... md5'ing current time with a rand salt
! $user_pass = substr(md5(uniqid(microtime())), 0, 6);
// now insert the new pass md5'd into the db
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$user_pass') WHERE user_login = '$user_login'");
More information about the cvs
mailing list