diff --git a/htdocs/core/ajaxsecurity.php b/htdocs/core/ajaxsecurity.php
new file mode 100644
index 00000000000..896e04bddc4
--- /dev/null
+++ b/htdocs/core/ajaxsecurity.php
@@ -0,0 +1,59 @@
+
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * \file htdocs/core/ajaxsecurity.php
+ * \brief File for return security data
+ * \version $Id: ajaxsecurity.php,v 1.1 2011/07/09 08:05:08 hregis Exp $
+ */
+
+if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disables token renewal
+if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
+if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
+if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
+if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1');
+if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1');
+
+require('../main.inc.php');
+require_once(DOL_DOCUMENT_ROOT."/lib/security.lib.php");
+
+
+/*
+ * View
+ */
+
+// Ajout directives pour resoudre bug IE
+//header('Cache-Control: Public, must-revalidate');
+//header('Pragma: public');
+
+//top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header.
+top_httphead();
+
+//print ''."\n";
+
+// Registering the location of boxes
+if(isset($_GET['action']) && ! empty($_GET['action']))
+{
+ if ($_GET['action'] == 'getrandompassword' && $user->admin)
+ {
+ $generic = $_GET['generic'];
+ echo getRandomPassword($generic);
+ }
+}
+
+?>
diff --git a/htdocs/lib/security.lib.php b/htdocs/lib/security.lib.php
index 04f4a578d75..8c8a2331259 100644
--- a/htdocs/lib/security.lib.php
+++ b/htdocs/lib/security.lib.php
@@ -21,7 +21,7 @@
/**
* \file htdocs/lib/security.lib.php
* \brief Set of function used for dolibarr security
- * \version $Id: security.lib.php,v 1.123 2011/07/04 09:01:38 eldy Exp $
+ * \version $Id: security.lib.php,v 1.124 2011/07/09 08:05:08 hregis Exp $
*/
@@ -540,14 +540,16 @@ function dol_efc_config()
/**
* Return a generated password using default module
+ * @param generic Create generic password
* @return string New value for password
*/
-function getRandomPassword()
+function getRandomPassword($generic=false)
{
global $db,$conf,$langs,$user;
$generated_password='';
- if ($conf->global->USER_PASSWORD_GENERATED)
+ if ($generic) $generated_password=dol_hash(mt_rand());
+ else if ($conf->global->USER_PASSWORD_GENERATED)
{
$nomclass="modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
$nomfichier=$nomclass.".class.php";
@@ -557,6 +559,7 @@ function getRandomPassword()
$generated_password=$genhandler->getNewGeneratedPassword();
unset($genhandler);
}
+
return $generated_password;
}
diff --git a/htdocs/paypal/admin/paypal.php b/htdocs/paypal/admin/paypal.php
index f55c86c60bf..37ca979071a 100644
--- a/htdocs/paypal/admin/paypal.php
+++ b/htdocs/paypal/admin/paypal.php
@@ -21,7 +21,7 @@
/** \file htdocs/paypal/admin/paypal.php
* \ingroup paypal
* \brief Page to setup paypal module
- * \version $Id: paypal.php,v 1.21 2011/07/08 18:08:27 hregis Exp $
+ * \version $Id: paypal.php,v 1.22 2011/07/09 08:05:08 hregis Exp $
*/
require("../../main.inc.php");
@@ -89,11 +89,21 @@ print $langs->trans("PaypalDesc")." \n";
if ($conf->use_javascript_ajax)
{
print "\n".'';
@@ -177,7 +187,8 @@ print '';
$var=!$var;
print '