PHP/Utility Function/md5 — различия между версиями
Admin (обсуждение | вклад) м (1 версия) |
Admin (обсуждение | вклад) м (1 версия) |
(нет различий)
|
Текущая версия на 07:07, 26 мая 2010
Содержание
- 1 Checking for session hijacking
- 2 Creating an md5 signature
- 3 Insert a unique ID into a form
- 4 md5.php
- 5 PHP"s basic md5() function
- 6 string md5 ( string str [, bool raw_output] )
- 7 string md5 ( string str [, bool raw_output] ) produces a data checksum in exactly the same way as sha1( );
- 8 The protect() MD5 Form Fingerprint Generator
Checking for session hijacking
<?php
session_start( );
$user_check = md5($_SERVER["HTTP_USER_AGENT"] . $_SERVER["REMOTE_ADDR"]);
if (empty($_SESSION["user_data"])) {
session_regenerate_id( );
echo ("New session, saving user_check.");
$_SESSION["user_data"] = $user_check;
}
if (strcmp($_SESSION["user_data"], $user_check) !== 0) {
session_regenerate_id( );
echo ("Warning, you must reenter your session.");
$_SESSION = array( );
$_SESSION["user_data"] = $user_check;
}
else {
echo ("Connection verified!");
}
?>
Creating an md5 signature
<?php
$mystring = "mystring";
$signature = md5($mystring);
echo $signature;
?>
Insert a unique ID into a form
<form method="post" action="<?php echo $_SERVER["SCRIPT_NAME"] ?>"
onsubmit="document.getElementById("submit-button").disabled = true;">
<!-- insert all the normal form elements you need -->
<input type="hidden" name="token" value="<?php echo md5(uniqid()) ?>"/>
<input type="submit" value="Save Data" id="submit-button"/>
</form>
md5.php
<?php
$val = "secret";
$hash_val = md5 ($val);
echo $hash_val;
?>
PHP"s basic md5() function
<?
$hashA = md5("optimize this!");
?>
string md5 ( string str [, bool raw_output] )
<?php
$GLOBALS ["username"] = "test";
$GLOBALS ["password"] = "test";
setcookie ( "cookie_user", "test", time () + 60 * 60 * 24 * 30 );
setcookie ( "cookie_pass", md5 ( "test" ), time () + 60 * 60 * 24 * 30 );
function validatelogin() {
if (strcmp ( $_COOKIE ["cookie_user"], $GLOBALS ["username"] ) == 0. &&
strcmp ( $_COOKIE ["cookie_pass"], md5 ( $GLOBALS ["password"] ) ) == 0) {
return true;
} else {
return false;
}
}
if (validatelogin ()) {
echo "Successfully logged in.";
} else {
echo "Sorry, invalid login.";
}
?>
string md5 ( string str [, bool raw_output] ) produces a data checksum in exactly the same way as sha1( );
<?
$md5hash = md5("My string");
print $md5hash;
?>
The protect() MD5 Form Fingerprint Generator
<?php
define("PROTECTED_KEY", "mysecretword");
function my_addslashes($string) {
return (get_magic_quotes_gpc() == 1) ? $string : addslashes($string);
}
function protect($name, $value, $secret) {
$tag = "";
$seed = md5($name.$value.$secret);
$html_name = $name."_checksum";
$tag = "<INPUT TYPE="hidden" NAME="$name" VALUE="" .
urlencode(my_addslashes($value))."">\n";
$tag .= "<INPUT TYPE="hidden" NAME="$html_name" VALUE="$seed">\n";
return $tag;
}
?>