mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-04-21 16:22:22 +02:00
Code Issues Releases Wiki Activity

[ticket/security-272] Use longer random string for activation key

Browse Source 
SECURITY-272
This commit is contained in:
Marc Alexander 2021-12-21 20:39:14 +01:00
parent 3cf83f1a62
commit 33a789e030
No known key found for this signature in database
GPG Key ID: 50E0D2423696F995
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/ucp/ucp_register.php
View File

@ -363,7 +363,7 @@ class ucp_register
$config['require_activation'] == USER_ACTIVATION_SELF ||
$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
{
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_actkey = gen_rand_string(32);
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();