Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

admin MDL-20980 Touched up regex that determines weak password salts

  • Loading branch information...
commit 75d4f4ef91cb479a502b6dcc808ff65b72f10843 1 parent 2ef1ead
Sam Hemelryk authored November 26, 2009

Showing 1 changed file with 1 addition and 1 deletion. Show diff stats Hide diff stats

  1. 2  admin/report/security/lib.php
2  admin/report/security/lib.php
@@ -762,7 +762,7 @@ function report_security_check_passwordsaltmain($detailed=false) {
762 762
         $result->status = REPORT_SECURITY_WARNING;
763 763
         $result->info   = get_string('check_passwordsaltmain_warning', 'report_security');
764 764
     } else if ($CFG->passwordsaltmain === 'a_very_long_random_string_of_characters#@6&*1'
765  
-            || trim($CFG->passwordsaltmain) === '' || preg_match('/^([\w]+|[\d]+)$/i', $CFG->passwordsaltmain)) {
  765
+            || trim($CFG->passwordsaltmain) === '' || preg_match('/^([a-z0-9]{0,10})$/i', $CFG->passwordsaltmain)) {
766 766
         $result->status = REPORT_SECURITY_WARNING;
767 767
         $result->info   = get_string('check_passwordsaltmain_weak', 'report_security');
768 768
     } else {

0 notes on commit 75d4f4e

Please sign in to comment.
Something went wrong with that request. Please try again.