From 08f94103787086e655a1b2e2b1c0cce7258bd3dc Mon Sep 17 00:00:00 2001
From: Sam Hemelryk <sam@moodle.com>
Date: Thu, 26 Nov 2009 09:03:38 +0000
Subject: [PATCH] admin MDL-20980 Touched up regex that determines weak
 password salts

---
 admin/report/security/lib.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/admin/report/security/lib.php b/admin/report/security/lib.php
index e5454bdcb3..d781b0b506 100644
--- a/admin/report/security/lib.php
+++ b/admin/report/security/lib.php
@@ -489,8 +489,8 @@ function report_security_check_passwordsaltmain($detailed=false) {
     if (empty($CFG->passwordsaltmain)) {
         $result->status = REPORT_SECURITY_WARNING;
         $result->info   = get_string('check_passwordsaltmain_warning', 'report_security');
-    } else if ($CFG->passwordsaltmain === 'a_very_long_random_string_of_characters#@6&*1'
-            || trim($CFG->passwordsaltmain) === '' || preg_match('/^([\w]+|[\d]+)$/i', $CFG->passwordsaltmain)) {
+    } else if ($CFG->passwordsaltmain === 'some long random string here with lots of characters'
+            || trim($CFG->passwordsaltmain) === '' || preg_match('/^([a-z0-9]{0,10})$/i', $CFG->passwordsaltmain)) {
         $result->status = REPORT_SECURITY_WARNING;
         $result->info   = get_string('check_passwordsaltmain_weak', 'report_security');
     } else {
-- 
2.39.5