From: Petr Skoda <skodak@moodle.org>
Date: Tue, 17 Nov 2009 16:36:23 +0000 (+0000)
Subject: MDL-18006 MDL-18807 MDL-20853 warn that the default salt is definitely weak
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=af2d263f995b5bc0e89d7086007f798ab10763e1;p=moodle.git

MDL-18006 MDL-18807 MDL-20853 warn that the default salt is definitely weak
---

diff --git a/admin/report/security/lib.php b/admin/report/security/lib.php
index e20c7e8129..16a9232f23 100644
--- a/admin/report/security/lib.php
+++ b/admin/report/security/lib.php
@@ -488,7 +488,8 @@ function report_security_check_passwordsaltmain($detailed=false) {
     if (empty($CFG->passwordsaltmain)) {
         $result->status = REPORT_SECURITY_WARNING;
         $result->info   = get_string('check_passwordsaltmain_warning', 'report_security');
-    } else if (trim($CFG->passwordsaltmain)=='' || preg_match('/^([\w]+|[\d]+)$/i', $CFG->passwordsaltmain)) {
+    } else if ($CFG->passwordsaltmain === 'a_very_long_random_string_of_characters#@6&*1'
+            || trim($CFG->passwordsaltmain) === '' || preg_match('/^([\w]+|[\d]+)$/i', $CFG->passwordsaltmain)) {
         $result->status = REPORT_SECURITY_WARNING;
         $result->info   = get_string('check_passwordsaltmain_weak', 'report_security');
     } else {