Use a more random source...

2026-04-20 22:00:39 -04:00 · 2013-04-04 00:56:34 +03:00 · 2013-04-04 00:56:34 +03:00 · ba7c0cf548
commit ba7c0cf548
parent 40627a05a8
1 changed files with 1 additions and 1 deletions
--- a/lib/setup.php
+++ b/lib/setup.php
@ -333,7 +333,7 @@ class OC_Setup {
 			//add prefix to the postgresql user name to prevent collisions
 			$dbusername='oc_'.$username;
 			//create a new password so we don't need to store the admin config in the config file
-			$dbpassword=md5(time());
+			$dbpassword=md5(OC_Util::generate_random_bytes(30));

 			self::pg_createDBUser($dbusername, $dbpassword, $connection);