PHP/Utility Function/md5
Содержание
- 1 Checking for session hijacking
- 2 Creating an md5 signature
- 3 Insert a unique ID into a form
- 4 md5.php
- 5 PHP"s basic md5() function
- 6 string md5 ( string str [, bool raw_output] )
- 7 string md5 ( string str [, bool raw_output] ) produces a data checksum in exactly the same way as sha1( );
- 8 The protect() MD5 Form Fingerprint Generator
Checking for session hijacking
<source lang="html4strict">
<?php session_start( ); $user_check = md5($_SERVER["HTTP_USER_AGENT"] . $_SERVER["REMOTE_ADDR"]); if (empty($_SESSION["user_data"])) {
session_regenerate_id( ); echo ("New session, saving user_check."); $_SESSION["user_data"] = $user_check;
} if (strcmp($_SESSION["user_data"], $user_check) !== 0) {
session_regenerate_id( ); echo ("Warning, you must reenter your session."); $_SESSION = array( ); $_SESSION["user_data"] = $user_check;
} else {
echo ("Connection verified!");
} ?>
</source>
Creating an md5 signature
<source lang="html4strict">
<?php
$mystring = "mystring"; $signature = md5($mystring); echo $signature;
?>
</source>
Insert a unique ID into a form
<source lang="html4strict">
<form method="post" action="<?php echo $_SERVER["SCRIPT_NAME"] ?>"
onsubmit="document.getElementById("submit-button").disabled = true;">
<input type="hidden" name="token" value="<?php echo md5(uniqid()) ?>"/> <input type="submit" value="Save Data" id="submit-button"/> </form>
</source>
md5.php
<source lang="html4strict">
<?php
$val = "secret"; $hash_val = md5 ($val); echo $hash_val;
?>
</source>
PHP"s basic md5() function
<source lang="html4strict">
<? $hashA = md5("optimize this!"); ?>
</source>
string md5 ( string str [, bool raw_output] )
<source lang="html4strict">
<?php $GLOBALS ["username"] = "test"; $GLOBALS ["password"] = "test"; setcookie ( "cookie_user", "test", time () + 60 * 60 * 24 * 30 ); setcookie ( "cookie_pass", md5 ( "test" ), time () + 60 * 60 * 24 * 30 ); function validatelogin() {
if (strcmp ( $_COOKIE ["cookie_user"], $GLOBALS ["username"] ) == 0. && strcmp ( $_COOKIE ["cookie_pass"], md5 ( $GLOBALS ["password"] ) ) == 0) { return true; } else { return false; }
} if (validatelogin ()) {
echo "Successfully logged in.";
} else {
echo "Sorry, invalid login.";
} ?>
</source>
string md5 ( string str [, bool raw_output] ) produces a data checksum in exactly the same way as sha1( );
<source lang="html4strict">
<?
$md5hash = md5("My string"); print $md5hash;
?>
</source>
The protect() MD5 Form Fingerprint Generator
<source lang="html4strict">
<?php
define("PROTECTED_KEY", "mysecretword"); function my_addslashes($string) { return (get_magic_quotes_gpc() == 1) ? $string : addslashes($string); } function protect($name, $value, $secret) { $tag = ""; $seed = md5($name.$value.$secret); $html_name = $name."_checksum"; $tag = "<INPUT TYPE="hidden" NAME="$name" VALUE="" . urlencode(my_addslashes($value))."">\n"; $tag .= "<INPUT TYPE="hidden" NAME="$html_name" VALUE="$seed">\n"; return $tag; }
?>
</source>