From cd48b89f3166e7fa732b5cb06d33fba018af9127 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Wed, 15 Dec 2010 14:57:00 -0800
Subject: Consolidate all the random code into a random helper that offers:  
 random::hash()   random::string()   random::percent()   random::int()

So that we don't have lots of different ways to get random values all
over the code.  Follow-on to #1527.
---
 modules/user/controllers/password.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/user/controllers')

diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 2e5eac5f..567e56dc 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -51,7 +51,7 @@ class Password_Controller extends Controller {
     $user_name = $form->reset->inputs["name"]->value;
     $user = user::lookup_by_name($user_name);
     if ($user && !empty($user->email)) {
-      $user->hash = md5(uniqid(mt_rand(), true));
+      $user->hash = random::hash();
       $user->save();
       $message = new View("reset_password.html");
       $message->confirm_url = url::abs_site("password/do_reset?key=$user->hash");
-- 
cgit v1.2.3