Make WordPress Core

Opened 4 years ago

Closed 4 years ago

#47092 closed enhancement (fixed)

Increase the usefullness of 'random_password' by adding additional parameters

Reported by: roytanck's profile roytanck Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: 5.3 Priority: normal
Severity: normal Version:
Component: Login and Registration Keywords: has-patch
Focuses: Cc:

Description

In the wp_generate_password function, the output is run through the 'random_password' hook. This allows other functions to modify or replace the generated password. But because the $special_chars and $extra_special_chars parameters are not passed to the hook, any hooked function does not know whether special chars are allowed.

This limits the hooks usefulness, since wp_generate_password is also used to generate tokens that needs to be url-safe. By passing the two extra arguments along in the filter, hooked functions can respects these requirements.

I realize wp_generate_password is a pluggable function, but I feel that using the hook is a much cleaner way to override/improve WP's password suggestions.

Attachments (2)

47092.diff (810 bytes) - added by roytanck 4 years ago.
Patch adding $special_chars and $extra_special_chars to the 'random_password' hook.
47092-2.diff (836 bytes) - added by roytanck 4 years ago.
This patch adds the $length parameter too. You get the number by using mb_strlen() on the password, but simply providing it makes more sense.

Download all attachments as: .zip

Change History (5)

@roytanck
4 years ago

Patch adding $special_chars and $extra_special_chars to the 'random_password' hook.

#1 @roytanck
4 years ago

  • Keywords has-patch added

@roytanck
4 years ago

This patch adds the $length parameter too. You get the number by using mb_strlen() on the password, but simply providing it makes more sense.

#2 @SergeyBiryukov
4 years ago

  • Milestone changed from Awaiting Review to 5.3
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#3 @SergeyBiryukov
4 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45568:

Users: Pass $length, $special_chars, and $extra_special_chars parameters to the random_password filter in wp_generate_password().

Props roytanck.
Fixes #47092.

Note: See TracTickets for help on using tickets.