- user.inc.php needs to generate a password without including common.inc.php

(install3 doesn't like including that file).  That's ok, because eventually
  all passwd handling will be done through user.inc.php (and the generate could
  even be inlined into set_password). But for now, just copy the existing
  generatePassword, and call it something different so the function names don't
  clash.

user.inc.php

@@ -29,6 +29,23 @@ $user_what =  array('student'=>'Participant', 'judge' => 'Judge',
 			'committee'=>'Committee Member','volunteer' => 'Volunteer',
 			'fair'=>'Science Fair');
 
+
+/* Duplicate of common.inc.php:generatePassword, which will be deleted 
+ * eventually when ALL users are handled through this file */
+function user_generate_password($pwlen=8)
+{
+        //these are good characters that are not easily confused with other characters :)
+        $available="ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
+        $len=strlen($available) - 1;
+
+        $key="";
+        for($x=0;$x<$pwlen;$x++)
+                $key.=$available{rand(0,$len)};
+        return $key;
+}
+
+
+
 function user_load_fair($u)
 {
 	/* Double check, make sure the user is of this type */
@@ -182,7 +199,7 @@ function user_set_password($id, $password = NULL)
 		$q = mysql_query("SELECT passwordset FROM users WHERE id='$id'");
 		$u = mysql_fetch_assoc($q);
 		/* Generate a new password */
-		$password = generatePassword(12);
+		$password = user_generate_password(12);
 		/* save the old password only if it's not an auto-generated one */
 		if($u['passwordset'] != '0000-00-00') $save_old = true;
 		/* Expire the password */