From d5618de89d880bc05e5f44281b91978462e7f722 Mon Sep 17 00:00:00 2001 From: Dan Marsden Date: Fri, 28 Apr 2017 16:17:09 +1200 Subject: [PATCH] use custom function to generate a very basic random string to use as password. --- locallib.php | 20 ++++++++++++++++++++ sessions.php | 4 ++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/locallib.php b/locallib.php index 5bf963d..b78fd45 100644 --- a/locallib.php +++ b/locallib.php @@ -354,4 +354,24 @@ function attendance_update_status($status, $acronym, $description, $grade, $visi } $event->add_record_snapshot('attendance_statuses', $status); $event->trigger(); +} + +/** + * Similar to core random_string function but only lowercase letters. + * designed to make it relatively easy to provide a simple password in class. + * + * @param int $length The length of the string to be created. + * @return string + */ +function attendance_random_string($length=6) { + $randombytes = random_bytes_emulate($length); + $pool = 'abcdefghijklmnopqrstuvwxyz'; + $pool .= '0123456789'; + $poollen = strlen($pool); + $string = ''; + for ($i = 0; $i < $length; $i++) { + $rand = ord($randombytes[$i]); + $string .= substr($pool, ($rand%($poollen)), 1); + } + return $string; } \ No newline at end of file diff --git a/sessions.php b/sessions.php index 6208b40..836dc50 100644 --- a/sessions.php +++ b/sessions.php @@ -273,7 +273,7 @@ function construct_sessions_data_for_add($formdata) { if (isset($formdata->studentscanmark)) { // Students will be able to mark their own attendance. $sess->studentscanmark = 1; if (!empty($formdata->randompassword)) { - $sess->studentpassword = random_string(5); + $sess->studentpassword = attendance_random_string(); } else { $sess->studentpassword = $formdata->studentpassword; } @@ -305,7 +305,7 @@ function construct_sessions_data_for_add($formdata) { // Students will be able to mark their own attendance. $sess->studentscanmark = 1; if (!empty($formdata->randompassword)) { - $sess->studentpassword = random_string(5); + $sess->studentpassword = attendance_random_string(); } else { $sess->studentpassword = $formdata->studentpassword; }