diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2013-04-04 01:05:44 +0300 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2013-04-04 01:05:44 +0300 |
| commit | 6645a54cacb80ceb2d394ab6d3e3014bc9019a0c (patch) | |
| tree | 41527c5a6e1b8b98a2eb1e62b9f48a71e8827edd /lib/setup.php | |
| parent | ba7c0cf5489533d7dcf30b09698d3043beb4834d (diff) | |
| download | nextcloud-server-6645a54cacb80ceb2d394ab6d3e3014bc9019a0c.tar.gz nextcloud-server-6645a54cacb80ceb2d394ab6d3e3014bc9019a0c.zip | |
Use random bytes instead of time
Thanks for the heads-up @VicDeo :-)
Diffstat (limited to 'lib/setup.php')
| -rw-r--r-- | lib/setup.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/setup.php b/lib/setup.php index 54b6149fe27..7082f0b2afd 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -243,7 +243,7 @@ class OC_Setup { $dbusername=substr('oc_'.$username, 0, 16); if($dbusername!=$oldUser) { //hash the password so we don't need to store the admin config in the config file - $dbpassword=md5(time().$dbpass); + $dbpassword=OC_Util::generate_random_bytes(30); self::createDBUser($dbusername, $dbpassword, $connection); @@ -333,7 +333,7 @@ class OC_Setup { //add prefix to the postgresql user name to prevent collisions $dbusername='oc_'.$username; //create a new password so we don't need to store the admin config in the config file - $dbpassword=md5(OC_Util::generate_random_bytes(30)); + $dbpassword=OC_Util::generate_random_bytes(30); self::pg_createDBUser($dbusername, $dbpassword, $connection); @@ -476,7 +476,7 @@ class OC_Setup { //add prefix to the oracle user name to prevent collisions $dbusername='oc_'.$username; //create a new password so we don't need to store the admin config in the config file - $dbpassword=md5(time().$dbpass); + $dbpassword=OC_Util::generate_random_bytes(30); //oracle passwords are treated as identifiers: // must start with aphanumeric char |