PHP/Utility Function/md5 — различия между версиями

Материал из Web эксперт
Перейти к: навигация, поиск
м (1 версия)
 
м (1 версия)
 
(нет различий)

Текущая версия на 07:07, 26 мая 2010

Checking for session hijacking

 
<?php
session_start(  );
$user_check = md5($_SERVER["HTTP_USER_AGENT"] . $_SERVER["REMOTE_ADDR"]);
if (empty($_SESSION["user_data"])) {
    session_regenerate_id(  );
    echo ("New session, saving user_check.");
    $_SESSION["user_data"] = $user_check;
}
if (strcmp($_SESSION["user_data"], $user_check) !== 0) {
    session_regenerate_id(  );
    echo ("Warning, you must reenter your session.");
    $_SESSION = array(  );
    $_SESSION["user_data"] = $user_check;
}
else {
    echo ("Connection verified!");
}
?>



Creating an md5 signature

 
<?php
    $mystring = "mystring";
    $signature = md5($mystring);
    echo $signature;
?>



Insert a unique ID into a form

 
<form method="post" action="<?php echo $_SERVER["SCRIPT_NAME"] ?>"
      onsubmit="document.getElementById("submit-button").disabled = true;">
<!-- insert all the normal form elements you need -->
<input type="hidden" name="token" value="<?php echo md5(uniqid()) ?>"/>
<input type="submit" value="Save Data" id="submit-button"/>
</form>



md5.php

 
<?php
   $val = "secret";
   $hash_val = md5 ($val);
   echo $hash_val;
?>



PHP"s basic md5() function

 
<?
$hashA = md5("optimize this!");
?>



string md5 ( string str [, bool raw_output] )

 
<?php
$GLOBALS ["username"] = "test";
$GLOBALS ["password"] = "test";
setcookie ( "cookie_user", "test", time () + 60 * 60 * 24 * 30 );
setcookie ( "cookie_pass", md5 ( "test" ), time () + 60 * 60 * 24 * 30 );
function validatelogin() {
  if (strcmp ( $_COOKIE ["cookie_user"], $GLOBALS ["username"] ) == 0. && 
  strcmp ( $_COOKIE ["cookie_pass"], md5 ( $GLOBALS ["password"] ) ) == 0) {
    return true;
  } else {
    return false;
  }
}
if (validatelogin ()) {
  echo "Successfully logged in.";
} else {
  echo "Sorry, invalid login.";
}
?>



string md5 ( string str [, bool raw_output] ) produces a data checksum in exactly the same way as sha1( );

 
<?
    $md5hash = md5("My string");
    print $md5hash;
?>



The protect() MD5 Form Fingerprint Generator

 
<?php
    define("PROTECTED_KEY", "mysecretword");
    function my_addslashes($string) {
        return (get_magic_quotes_gpc() == 1) ? $string : addslashes($string);
    }
    function protect($name, $value, $secret) {
        $tag = "";
        $seed = md5($name.$value.$secret);
        $html_name = $name."_checksum";
        $tag = "<INPUT TYPE="hidden" NAME="$name" VALUE="" .
               urlencode(my_addslashes($value))."">\n";
        $tag .= "<INPUT TYPE="hidden" NAME="$html_name" VALUE="$seed">\n";
        return $tag;
    }
?>