From: Andrew Dolgov Date: Tue, 7 May 2013 08:36:09 +0000 (+0400) Subject: auth_base: choose random password if not supplied by auth module X-Git-Tag: 1.7.9~25^2~2 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=ea46d90eee462d6fc7724340670550f7f5717372;p=tt-rss.git auth_base: choose random password if not supplied by auth module --- diff --git a/classes/auth/base.php b/classes/auth/base.php index c77df515..69acd098 100644 --- a/classes/auth/base.php +++ b/classes/auth/base.php @@ -16,10 +16,12 @@ class Auth_Base { // Auto-creates specified user if allowed by system configuration // Can be used instead of find_user_by_login() by external auth modules - function auto_create_user($login, $password) { + function auto_create_user($login, $password = false) { if ($login && defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) { $user_id = $this->find_user_by_login($login); + if (!$password) $password = make_password(); + if (!$user_id) { $login = $this->dbh->escape_string($login); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);