Skip to content
Permalink
Browse files Browse the repository at this point in the history
N°5393 Security hardening
  • Loading branch information
steffunky committed Aug 12, 2022
1 parent bd97d9c commit f10e9c2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion application/loginwebpage.class.inc.php
Expand Up @@ -241,7 +241,7 @@ protected function ForgotPwdGo()
}

// This token allows the user to change the password without knowing the previous one
$sToken = substr(md5(APPROOT.uniqid()), 0, 16);
$sToken = bin2hex(random_bytes(32));
$oUser->Set('reset_pwd_token', $sToken);
CMDBObject::SetTrackInfo('Reset password');
$oUser->AllowWrite(true);
Expand Down

0 comments on commit f10e9c2

Please sign in to comment.