From 4b7628f6997ea171e699c07e3226779aed6fb1b1 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Thu, 15 Nov 2007 17:51:46 +0000 Subject: [PATCH] bug #1828265 [privileges] No weird characters in generated password --- ChangeLog | 1 + js/server_privileges.js | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 8409644ba..e80cfa4f8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -38,6 +38,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA - bug #1831646 [table creation] Error in CREATE TABLE with multiple primary keys and AUTO_INCREMENT - [display] Division by zero when showing all records (page selector) +- bug #1828265 [privileges] No weird characters in generated password 2.11.2.1 (2007-11-11) - fixed possible SQL injection using database name diff --git a/js/server_privileges.js b/js/server_privileges.js index 95b1b873c..ac9396d86 100644 --- a/js/server_privileges.js +++ b/js/server_privileges.js @@ -79,7 +79,10 @@ function checkAddUser(the_form) * @return boolean always true */ function suggestPassword() { - var pwchars = "abcdefhjmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWYXZ.,:"; + // restrict the password to just letters and numbers to avoid problems: + // "editors and viewers regard the password as multiple words and + // things like double click no longer work" + var pwchars = "abcdefhjmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWYXZ"; var passwordlength = 16; // do we want that to be dynamic? no, keep it simple :) var passwd = document.getElementById('generated_pw'); passwd.value = '';