From 342ddb4141290b257ec9532b47506f1a26516515 Mon Sep 17 00:00:00 2001 From: arf20 Date: Wed, 20 Mar 2024 12:43:32 +0100 Subject: Remove password restrictions and ver. code without symbols --- register.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'register.php') diff --git a/register.php b/register.php index 3ef957a..f235d40 100755 --- a/register.php +++ b/register.php @@ -71,8 +71,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $password_err = "Enter a password."; else if (strlen($_POST["password"]) < 8) $password_err = "Password must have at least 8 characters."; - else if (preg_match("/[a-zA-Z0-9!@^*$%&)(=+çñÇ][}{\-.,_:;]+/", $_POST["password"]) != false) - $password_err = "Password must be in the format [a-zA-Z0-9!@^*$%&)(=+çñÇ][}{-.,_:;]."; else $password = $_POST["password"]; @@ -94,7 +92,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $param_username = $username; $param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash $param_email = $email; - $param_verifycode = base64_encode(random_bytes(12)); // code of size 16 + $param_verifycode = substr(sha1(random_bytes(64)), 0, 16); // random 16 character code // Attempt to execute the prepared statement if (mysqli_stmt_execute($stmt)) { @@ -151,7 +149,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
-
+
-- cgit v1.2.3