Add length arg to wp_generate_password() and lengthen secret. Props tellyworth. fixes #6146 for trunk

git-svn-id: https://develop.svn.wordpress.org/trunk@7796 602fd350-edb4-49c9-b593-d223f7449a82

wp-admin/includes/schema.php

@@ -230,7 +230,7 @@ function populate_options() {
 	}
 
 	// 2.0.3
-	add_option('secret', wp_generate_password());
+	add_option('secret', wp_generate_password(64));
 
 	// 2.1
 	add_option('blog_public', '1');

wp-admin/includes/upgrade.php

@@ -202,6 +202,9 @@ function upgrade_all() {
 	if ( $wp_current_db_version < 7499 )
 		upgrade_250();
 
+	if ( $wp_current_db_version < 7796 )
+		upgrade_251();
+
 	maybe_disable_automattic_widgets();
 
 	$wp_rewrite->flush_rules();
@@ -723,6 +726,13 @@ function upgrade_250() {
 	
 }
 
+function upgrade_251() {
+	global $wp_current_db_version;
+
+	// Make the secret longer
+	update_option('secret', wp_generate_password(64));
+}
+
 // The functions we use to actually do stuff
 
 // General

wp-includes/pluggable.php

@@ -1167,12 +1167,11 @@ if ( !function_exists('wp_generate_password') ) :
  *
  * @return string The random password
  **/
-function wp_generate_password() {
-	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
-	$length = 7;
+function wp_generate_password($length = 12) {
+	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()";
 	$password = '';
 	for ( $i = 0; $i < $length; $i++ )
-		$password .= substr($chars, mt_rand(0, 61), 1);
+		$password .= substr($chars, mt_rand(0, strlen($chars)), 1);
 	return $password;
 }
 endif;

wp-includes/version.php

@@ -16,6 +16,6 @@ $wp_version = '2.6-bleeding';
  *
  * @global int $wp_db_version
  */
-$wp_db_version = 7574;
+$wp_db_version = 7796;
 
 ?>