I have lots of members that say their temp password do not work, only to find out they they are using an O (oh, capital O) instead of a zero.

Is there a way to do a "numbers only" temp password?

I think the code that makes the password is in includes/functions.php, function fetch_random_password(), and it has a string of allowed characters. But it's already letters only, and it seems like there is no 'O' or 'o' (at least in vb 3.8.8).

I found the code... it does in fact allow numbers and, it excludes the letters o and O (cap o)

I'd like to remove the zero too but I'm not a good enuff php programer to do so

Here is the code that generates the password.

function fetch_random_password($length = 8)
{
$password_characters = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz';
$total_password_characters = strlen($password_characters) - 1;

$digit = vbrand(0, $length - 1);

$newpassword = '';
for ($i = 0; $i < $length; $i++)
{
if ($i == $digit)
{
$newpassword .= chr(vbrand(48, 57));
continue;
}

$newpassword .= $password_characters{vbrand(0, $total_password_characters)};
}

return $newpassword;
}

// ################################################## ###########################
/**
* vBulletin's hash fetcher, note this may change from a-f0-9 to a-z0-9 in future.
*
* @param integer Length of desired hash, limited to 40 characters at most
*/
function fetch_random_string($length = 32)
{
$hash = sha1(TIMENOW . SESSION_HOST . microtime() . uniqid(mt_rand(), true) . implode('', @fstat(fopen( __FILE__, 'r'))));

return substr($hash, 0, $length);
}

// ################################################## ###########################
/**
* vBulletin's own random number generator
*
* @param integer Minimum desired value
* @param integer Maximum desired value
* @param mixed Seed for the number generator (if not specified, a new seed will be generated)
*/
function vbrand($min = 0, $max = 0, $seed = -1)
{
mt_srand(crc32(microtime()));

if ($max AND $max <= mt_getrandmax())
{
$number = mt_rand($min, $max);
}
else
{
$number = mt_rand();
}
// reseed so any calls outside this function don't get the second number
mt_srand();

return $number;
}

Oh right, I wasn't paying attention. Looks like it inserts one number in a random position. So you could change that 48 to 49 (to only allow 1-9), or just comment out those 5 lines (or maybe you've taken care of it already).

Awesome... I changed the 48 to 50 to get rid of 1's too, and the small "l" in the alphabet.... any letter that could get confised.

Why they don't just cut and paste is beyond me... but a lot of my users are doing good just to find the keyboard :)

Thank you for your help, consider this one "closed".