Fix http auth password copy length (#7769)

2026-03-25 17:59:34 -04:00
parent d72fb962f9
commit 029f58a245
2 changed files with 13 additions and 2 deletions
@@ -72,6 +72,14 @@
 		$apps[$x]['default_settings'][$y]['default_setting_enabled'] = "false";
 		$apps[$x]['default_settings'][$y]['default_setting_description'] = "";
 		$y++;
+		$apps[$x]['default_settings'][$y]['default_setting_uuid'] = "885a43f9-eea2-4150-ba25-f576918880b3";
+		$apps[$x]['default_settings'][$y]['default_setting_category'] = "provision";
+		$apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "password_http_auth_length";
+		$apps[$x]['default_settings'][$y]['default_setting_name'] = "numeric";
+		$apps[$x]['default_settings'][$y]['default_setting_value'] = "20";
+		$apps[$x]['default_settings'][$y]['default_setting_enabled'] = "true";
+		$apps[$x]['default_settings'][$y]['default_setting_description'] = "Set the length for generated http auth passwords.";
+		$y++;
 		$apps[$x]['default_settings'][$y]['default_setting_uuid'] = "c998c762-6a43-4911-a465-a9653eeb793d";
 		$apps[$x]['default_settings'][$y]['default_setting_category'] = "provision";
 		$apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "http_auth_enabled";
@@ -231,6 +231,9 @@ class domain_settings {
 	public function copy($records) {
 		if (permission_exists($this->permission_prefix . 'add') && permission_exists('domain_select') && count($_SESSION['domains']) > 1) {

+			//define the global variables
+			global $settings;
+
 			//add multi-lingual support
 			$language = new text;
 			$text     = $language->get();
@@ -279,7 +282,7 @@ class domain_settings {

 							//set a random password for http_auth_password
 							if ($domain_setting_subcategory == "http_auth_password") {
-								$domain_setting_value = generate_password();
+								$domain_setting_value = generate_password(max(8, intval($settings->get('provision', 'password_http_auth_length', 20))));
 							}

 							//target is different domain, check if exists
@@ -360,7 +363,7 @@ class domain_settings {

 							//set a random password for http_auth_password
 							if ($domain_setting_subcategory == "http_auth_password") {
-								$domain_setting_value = generate_password();
+								$domain_setting_value = generate_password(max(8, intval($settings->get('provision', 'password_http_auth_length', 20))));
 							}

 							// check if exists