From 07b72e6dd966e344d4d837aa1bf647087662b958 Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Thu, 24 Apr 2008 00:19:09 +0000
Subject: [PATCH] Add length arg to wp_generate_password() and lengthen secret.
 Props tellyworth. fixes #6146 for trunk

git-svn-id: https://develop.svn.wordpress.org/trunk@7796 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/schema.php  |  2 +-
 wp-admin/includes/upgrade.php | 10 ++++++++++
 wp-includes/pluggable.php     |  7 +++----
 wp-includes/version.php       |  2 +-
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/wp-admin/includes/schema.php b/wp-admin/includes/schema.php
index 0e3dbd8715..b8c7e2cbbe 100644
--- a/wp-admin/includes/schema.php
+++ b/wp-admin/includes/schema.php
@@ -230,7 +230,7 @@ function populate_options() {
 	}
 
 	// 2.0.3
-	add_option('secret', wp_generate_password());
+	add_option('secret', wp_generate_password(64));
 
 	// 2.1
 	add_option('blog_public', '1');
diff --git a/wp-admin/includes/upgrade.php b/wp-admin/includes/upgrade.php
index 24892641be..ad5871e13d 100644
--- a/wp-admin/includes/upgrade.php
+++ b/wp-admin/includes/upgrade.php
@@ -202,6 +202,9 @@ function upgrade_all() {
 	if ( $wp_current_db_version < 7499 )
 		upgrade_250();
 
+	if ( $wp_current_db_version < 7796 )
+		upgrade_251();
+
 	maybe_disable_automattic_widgets();
 
 	$wp_rewrite->flush_rules();
@@ -723,6 +726,13 @@ function upgrade_250() {
 	
 }
 
+function upgrade_251() {
+	global $wp_current_db_version;
+
+	// Make the secret longer
+	update_option('secret', wp_generate_password(64));
+}
+
 // The functions we use to actually do stuff
 
 // General
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index 098eeb903f..22b8b294c0 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -1167,12 +1167,11 @@ if ( !function_exists('wp_generate_password') ) :
  *
  * @return string The random password
  **/
-function wp_generate_password() {
-	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
-	$length = 7;
+function wp_generate_password($length = 12) {
+	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()";
 	$password = '';
 	for ( $i = 0; $i < $length; $i++ )
-		$password .= substr($chars, mt_rand(0, 61), 1);
+		$password .= substr($chars, mt_rand(0, strlen($chars)), 1);
 	return $password;
 }
 endif;
diff --git a/wp-includes/version.php b/wp-includes/version.php
index b35709eb35..a020f204f3 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,6 +16,6 @@ $wp_version = '2.6-bleeding';
  *
  * @global int $wp_db_version
  */
-$wp_db_version = 7574;
+$wp_db_version = 7796;
 
 ?>