upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-09 08:44:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

refactor(setup): Add shared generateDbPassword() to AbstractDatabase

Browse source 
Signed-off-by: Josh <josh.t.richards@gmail.com>
This commit is contained in:
Josh 2026-03-19 20:44:14 -04:00 committed by GitHub
parent d0c63a1753
commit bf2706a87c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
lib/private/Setup/AbstractDatabase.php
View file

@ -75,6 +75,27 @@ abstract class AbstractDatabase {
$this->tablePrefix = $dbTablePrefix;
}
/**
* Generate a strong random password suitable for database user accounts.
*
* Guarantees at least 2 uppercase, 2 lowercase, 2 digit, and 2 symbol
* characters are present, with symbols filtered to exclude characters
* that are problematic in SQL string contexts (", \, ', `).
*
* @return string A 30-character random password
*/
protected function generateDbPassword(): string {
$safeSymbols = str_replace(['\"', '\\', '\'', '`'], '', ISecureRandom::CHAR_SYMBOLS);
$password = $this->random->generate(22, ISecureRandom::CHAR_ALPHANUMERIC . $safeSymbols)
. $this->random->generate(2, ISecureRandom::CHAR_UPPER)
. $this->random->generate(2, ISecureRandom::CHAR_LOWER)
. $this->random->generate(2, ISecureRandom::CHAR_DIGITS)
. $this->random->generate(2, $safeSymbols);
return str_shuffle($password);
}
/**
* @param array $configOverwrite
* @return \OC\DB\Connection