clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update lostpass.php

Browse Source 
use CSPRNG for password reset token generation
This commit is contained in:
Lynn Stephenson
2020-04-04 08:06:49 +00:00
committed by GitHub
parent efd549d466
commit f459a35cf4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mod/lostpass.php
View File

@@ -41,7 +41,7 @@ function lostpass_post(App $a)
DI::baseUrl()->redirect();
}
$pwdreset_token = Strings::getRandomName(12) . random_int(1000, 9999);
$pwdreset_token = Strings::getRandomHex(32);
$fields = [
'pwdreset' => $pwdreset_token,