[Clipart] [PATCH] cchost cc-login

[Bryce Harrington]

Here's a patch to fix the annoyance I ran into trying to register.  This
rewrites the routine that generates the random key image you have to
type in.  With the font used, it is difficult for a user to distinguish
between 0 and O, l and I, and so forth, so I've written it to not use
any of those characters.  This shouldn't affect the security of it much,
but should greatly improve usability for new contributors.

Bryce

--- cchost-1.0.3/cclib/cc-login.php	2005-10-22 11:20:32.000000000 -0700
+++ cchost-bwh/cclib/cc-login.php	2006-02-11 15:38:26.000000000 -0800
@@ -93,14 +93,24 @@
     }
 
     /**
-    * Generate a fairly unique, kinda sorta unpredicatble key
+    * Generate a fairly unique, kinda sorta unpredictable key that
+    * doesn't use confusing characters like l1 oO0 8B zZ2 and 9g.
     */
     function GenKey()
     {
-        $hash = md5(uniqid(rand(),true));
-        return( substr($hash,intval($hash[0],16),5) );
-    }
+        $length    = 16;
+        $key_chars ='abcdefhijkmnpqrstuvwxyACDEFGHJKLMNPQRSTUVWXY34567';
+        $rand_max  = strlen($key_chars) - 1;
 
+        for ($i = 0; $i < $length; $i++)
+        {
+           $rand_pos  = rand(0, $rand_max);
+           $rand_key[] = $key_chars{$rand_pos};
+        }
+
+        $rand_pass = implode('', $rand_key);
+        return $rand_pass;
+    }
 }
 
 /**