mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-23 01:51:31 +02:00
Code Issues Releases Wiki Activity

Merge pull request #65 from phpbb/ticket/security-272

Browse Source 
[ticket/security-272] Use longer random string for activation key
This commit is contained in:
Marc Alexander
2022-03-14 17:51:07 +01:00
parent fb2d1c2a28 9bc98278fe
commit 377ebacf0d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/ucp/ucp_register.php
View File

@@ -363,7 +363,7 @@ class ucp_register
$config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_SELF ||
$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
{ {
$user_actkey = gen_rand_string(mt_rand(6, 10)); $user_actkey = strtolower(gen_rand_string(32));
$user_type = USER_INACTIVE; $user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER; $user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time(); $user_inactive_time = time();