From 5510ac0abfe11015b8d6e4b744e4fdf08217d3df Mon Sep 17 00:00:00 2001
From: Bachir Soussi Chiadmi <bachir@figureslibres.io>
Date: Sun, 27 Jan 2019 14:42:15 +0100
Subject: [PATCH] updated genpass

---
 .../modules/contrib/users/genpass/genpass.css |   3 -
 .../contrib/users/genpass/genpass.info        |   7 +-
 .../contrib/users/genpass/genpass.module      | 101 +++++++++---------
 3 files changed, 55 insertions(+), 56 deletions(-)
 delete mode 100644 sites/all/modules/contrib/users/genpass/genpass.css

diff --git a/sites/all/modules/contrib/users/genpass/genpass.css b/sites/all/modules/contrib/users/genpass/genpass.css
deleted file mode 100644
index fc10c690..00000000
--- a/sites/all/modules/contrib/users/genpass/genpass.css
+++ /dev/null
@@ -1,3 +0,0 @@
-.genpass-password {
-  white-space: nowrap;
-}
diff --git a/sites/all/modules/contrib/users/genpass/genpass.info b/sites/all/modules/contrib/users/genpass/genpass.info
index be0d3e34..62895820 100644
--- a/sites/all/modules/contrib/users/genpass/genpass.info
+++ b/sites/all/modules/contrib/users/genpass/genpass.info
@@ -3,9 +3,8 @@ description = Generate a password when adding a new user.
 core = 7.x
 configure = admin/config/people/accounts
 
-; Information added by drupal.org packaging script on 2012-02-20
-version = "7.x-1.0"
+; Information added by Drupal.org packaging script on 2018-06-26
+version = "7.x-1.1"
 core = "7.x"
 project = "genpass"
-datestamp = "1329772844"
-
+datestamp = "1530031732"
diff --git a/sites/all/modules/contrib/users/genpass/genpass.module b/sites/all/modules/contrib/users/genpass/genpass.module
index 4629453f..c9145652 100644
--- a/sites/all/modules/contrib/users/genpass/genpass.module
+++ b/sites/all/modules/contrib/users/genpass/genpass.module
@@ -9,13 +9,6 @@ define('GENPASS_DISPLAY_ADMIN', 1);
 define('GENPASS_DISPLAY_USER', 2);
 define('GENPASS_DISPLAY_BOTH', 3);
 
-/**
- * Implements of hook_init().
- */
-function genpass_init() {
-  drupal_add_css(drupal_get_path('module', 'genpass') . '/genpass.css');
-}
-
 /**
  * Defines default characters allowed for passwords.
  */
@@ -33,27 +26,31 @@ function genpass_generate() {
 }
 
 /**
- * Generate a new password using genpass's internal password generation
- * algorithm.
- * Based on the original D6 user_password function (with more characters)
+ * Generates random password.
  *
- * @return a fresh password according to the settings made in /admin/user/settings
+ * @see user_password()
  *
- * @see genpass_form_alter()
+ * @return string
+ *   The random string.
  */
 function genpass_password() {
   $pass = '';
-  $length = variable_get('genpass_length', 8);
+  $length = variable_get('genpass_length', 12);
   $allowable_characters = variable_get('genpass_entropy', _GENPASS_REQUIRED_entropy());
 
   // Zero-based count of characters in the allowable list:
   $len = strlen($allowable_characters) - 1;
-  
+
   // Loop the number of times specified by $length.
   for ($i = 0; $i < $length; $i++) {
+    do {
+      // Find a secure random number within the range needed.
+      $index = ord(drupal_random_bytes(1));
+    } while ($index > $len);
+
     // Each iteration, pick a random character from the
     // allowable string and append it to the password:
-    $pass .= $allowable_characters[mt_rand(0, $len)];
+    $pass .= $allowable_characters[$index];
   }
 
   return $pass;
@@ -63,7 +60,7 @@ function genpass_password() {
 /**
  * Helper function to find a item in the user form, since its position
  * within the form-array depends on the profile module (account-category).
- */ 
+ */
 function &_genpass_get_form_item(&$form, $field) {
   if (isset($form['account'][$field])) {
     return $form['account'][$field];
@@ -97,7 +94,7 @@ function genpass_form_alter(&$form, $form_state, $form_id) {
       $form['registration_cancellation']['genpass_length'] = array(
         '#type' => 'textfield',
         '#title' => t('Generated password length'),
-        '#default_value' => variable_get('genpass_length', 8),
+        '#default_value' => variable_get('genpass_length', 12),
         '#size' => 2,
         '#maxlength' => 2,
         '#description' => t('Set the length of generated passwords here. Allowed range: 5 to 32.'),
@@ -118,7 +115,7 @@ function genpass_form_alter(&$form, $form_state, $form_id) {
         '#default_value' => genpass_algorithm_module(),
         '#options' => genpass_add_samples(genpass_algorithm_modules()),
         '#description' => t('If third party modules define a password generation algorithm, you can select which one to use. Note that algorithms other than genpass will ignore the preferred entropy and password length. The currently selected algorithm produced the password @pw.', array('@pw' => genpass_generate())),
-      ); 
+      );
       $form['registration_cancellation']['genpass_display'] = array(
         '#type' => 'radios',
         '#title' => t('Generated password display'),
@@ -139,25 +136,25 @@ function genpass_form_alter(&$form, $form_state, $form_id) {
     // User registration form at admin/people/create
     case 'user_register_form':
       $mode = variable_get('genpass_mode', GENPASS_REQUIRED);
-      
+
       // Add validation function, where password may get set
       $form['#validate'][] = 'genpass_register_validate';
-      
+
       // Administrator is creating the user
-      if ($_GET['q'] == 'admin/user/user/create') {
+      if ($_GET['q'] == 'admin/people/create') {
         // Switch to optional mode
         $mode = GENPASS_OPTIONAL;
         // Help avoid obvious consequence of password being optional
         $notify_item =& _genpass_get_form_item($form, 'notify');
         $notify_item['#description'] = t('This is recommended when auto-generating the password; otherwise, neither you nor the new user will know the password.');
       }
-      
+
       // Pass mode to validation function
       $form['genpass_mode'] = array(
         '#type' => 'value',
         '#value' => $mode,
       );
-      
+
       $pass_item =& _genpass_get_form_item($form, 'pass');
       switch ($mode) {
         // If password is optional, don't require it, and give the user an
@@ -174,7 +171,7 @@ function genpass_form_alter(&$form, $form_state, $form_id) {
       }
       break;
   }
-  
+
 }
 
 /**
@@ -200,38 +197,44 @@ function genpass_user_admin_settings_validate($form, &$form_state) {
  * User registration validation.
  */
 function genpass_register_validate($form, &$form_state) {
-  if (empty($form_state['values']['pass']) && !form_get_errors()) {
-    
-    // Generate and set password
+  if (empty($form_state['values']['pass'])) {
+    // Generate and set password.
     $pass = genpass_generate();
     $pass_item =& _genpass_get_form_item($form, 'pass');
     form_set_value($pass_item, $pass, $form_state);
 
-    $display = variable_get('genpass_display', GENPASS_DISPLAY_BOTH);
+    if (!form_get_errors()) {
+      $display = variable_get('genpass_display', GENPASS_DISPLAY_BOTH);
 
-    // Administrator created the user.
-    if ($_GET['q'] == 'admin/people/create') {
-      $message = t('Since you did not provide a password, it was generated automatically for this account.');
-      if (in_array($display, array(GENPASS_DISPLAY_ADMIN, GENPASS_DISPLAY_BOTH))) {
-        $message .= ' ' . t('The password is: <strong class="genpass-password">!password</strong>', array('!password' => $pass));
-      }
-    }
-    // Optional - User did not provide password, so it was generated
-    elseif ($form_state['values']['genpass_mode'] == GENPASS_OPTIONAL) {
-      $message = t('Since you did not provide a password, it was generated for you.');
-      if (in_array($display, array(GENPASS_DISPLAY_USER, GENPASS_DISPLAY_BOTH))) {
-        $message .= ' ' . t('Your password is: <strong class="genpass-password">!password</strong>', array('!password' => $pass));
-      }
-    }
-    // Restricted - User was forced to receive a generated password
-    elseif ($form_state['values']['genpass_mode'] == GENPASS_RESTRICTED && in_array($display, array(GENPASS_DISPLAY_USER, GENPASS_DISPLAY_BOTH))) {
-      $message = t('The following password was generated for you: <strong class="genpass-password">!password</strong>', array('!password' => $pass));
-    }
+      // Administrator created the user.
+      if ($_GET['q'] == 'admin/people/create') {
+        $message = t('Since you did not provide a password, it was generated automatically for this account.');
 
-    if (!empty($message)) {
-      drupal_set_message($message);
+        if (in_array($display, array(GENPASS_DISPLAY_ADMIN, GENPASS_DISPLAY_BOTH))) {
+          $message .= ' ' . t('The password is: <strong class="nowrap">@password</strong>', array('@password' => $pass));
+        }
+      }
+
+      // Optional - User did not provide password, so it was generated
+      elseif ($form_state['values']['genpass_mode'] == GENPASS_OPTIONAL) {
+        $message = t('Since you did not provide a password, it was generated for you.');
+
+        if (in_array($display, array(GENPASS_DISPLAY_USER, GENPASS_DISPLAY_BOTH))) {
+          $message .= ' ' . t('Your password is: <strong class="nowrap">@password</strong>', array('@password' => $pass));
+        }
+      }
+
+      // Restricted - User was forced to receive a generated password
+      elseif ($form_state['values']['genpass_mode'] == GENPASS_RESTRICTED && in_array($display, array(GENPASS_DISPLAY_USER, GENPASS_DISPLAY_BOTH))) {
+        $message = t('The following password was generated for you: <strong class="nowrap">@password</strong>', array('@password' => $pass));
+      }
+
+      if (!empty($message)) {
+        drupal_set_message($message);
+      }
     }
   }
+
   return $form;
 }
 
@@ -261,7 +264,7 @@ function genpass_algorithm_modules() {
 function genpass_algorithm_module() {
   $modules = genpass_algorithm_modules();
   $module = variable_get('genpass_algorithm', 'genpass');
-  
+
   if (in_array($module, array_keys($modules))) {
     return $module;
   }