Search found 24 matches
- Sat Dec 26, 2009 9:51 am
- Forum: PHP - Security
- Topic: Javascript PHP RSA
- Replies: 4
- Views: 1932
Re: Javascript PHP RSA
Haha I'll look into it. This is not for any kind of project which requires secure connections I am just playing about in order to learn a few things. The more I've thought about it the more I realise that to have proper security and prevent evesdropping the only thing you can do is use SSL. I need t...
- Sat Dec 26, 2009 4:23 am
- Forum: PHP - Security
- Topic: Javascript PHP RSA
- Replies: 4
- Views: 1932
Re: Javascript PHP RSA
To work the javascript uses this function which takes $key which is made up of 3 hex strings, 0 being the e exponent, 1 being the d exponent and 2 being the n exponent (modulus). $key = new RSAKeyPair( "c84dd5b9fdfbdc0818473391980de1b", "450d061a9d53336bfbb24681d43c453", "...
- Thu Dec 24, 2009 8:02 am
- Forum: PHP - Security
- Topic: Javascript PHP RSA
- Replies: 4
- Views: 1932
Javascript PHP RSA
I've been playing about with javascript and php and wanted to try something out. I found this javascript app http://ohdave.com/rsa/ which can encrypt a string using an RSA exponents. I want to generate a key in PHP perhaps using something like openSSL, send the public key to Java to encrypt the stri...
- Wed Dec 23, 2009 7:40 am
- Forum: PHP - Security
- Topic: My novice attempt at making a secure login...
- Replies: 33
- Views: 12077
Re: My novice attempt at making a secure login...
I may well do that. Will I need to make any changes to my websites code if I use SSL?
- Wed Dec 23, 2009 5:26 am
- Forum: PHP - Code
- Topic: Something wrong with my code :(
- Replies: 1
- Views: 123
Re: Something wrong with my code :(
- Wed Dec 23, 2009 4:59 am
- Forum: PHP - Code
- Topic: Something wrong with my code :(
- Replies: 1
- Views: 123
Something wrong with my code :(
I'm playing about with OOP trying to improve my projects code. I've created two classes, one that handles database access and querys and one that handles user information... Class user extends db_access so that when the signsubmit.php file creates a new instance of user it can be used to submit the ...
- Wed Dec 23, 2009 3:28 am
- Forum: PHP - Security
- Topic: My novice attempt at making a secure login...
- Replies: 33
- Views: 12077
Re: My novice attempt at making a secure login...
I dont really want to use SSL as it cost £££ and I'm only really doing this to learn about PHP and security in my spare time. So it looks like I've pretty much gone as far as I can go in terms of securing the system. I did find a free SSL but then couldnt get it to work with my hosting (using helioh...
- Tue Dec 22, 2009 5:08 pm
- Forum: PHP - Security
- Topic: My novice attempt at making a secure login...
- Replies: 33
- Views: 12077
Re: My novice attempt at making a secure login...
secret.php line 17 is vulnerable to XSS. It's also recommended to encode the IP coming from the session (line 15). Ah I didn’t notice that, that page came from another site which was using a challenge and response example. What's mysql_entities_fix_string() for? That’s a function from Building PHP,...
- Tue Dec 22, 2009 4:40 am
- Forum: PHP - Security
- Topic: My novice attempt at making a secure login...
- Replies: 33
- Views: 12077
Re: My novice attempt at making a secure login...
Resolved! Found another function that was being called which was resetting the data in the database! 
- Tue Dec 22, 2009 2:55 am
- Forum: PHP - Security
- Topic: My novice attempt at making a secure login...
- Replies: 33
- Views: 12077
Re: My novice attempt at making a secure login...
What is the thought process behind your session_regen function in "include/mysql_connect.php" as opposed to using php's session_regenerate_id()? The session regen function gets a more random string of data from /dev/urandom as I'd read that the one generated by session_regenerate_id() is ...
- Mon Dec 21, 2009 6:06 pm
- Forum: PHP - Code
- Topic: Somethings wrong but I cant see it!
- Replies: 3
- Views: 96
Re: Somethings wrong but I cant see it!
I've moved the whole bit of code in question to a test.php file and stripped out the code that is not needed when this function is called. When I run the test.php file it does what is expected, records the IP and the number of attempts to log in, after 3 attempts blocks the IP. This is so frustratin...
- Mon Dec 21, 2009 5:43 pm
- Forum: PHP - Code
- Topic: Somethings wrong but I cant see it!
- Replies: 3
- Views: 96
Re: Somethings wrong but I cant see it!
The query seems fine, it worked before I changed the code (I changed how the program accessed the db, now its done through an object). The query was the same before. Its like $db->q_rows() on line 14 is returning 0 or nothing yet my test (line 20 in the second block of code) it returns 1 from the sa...
- Mon Dec 21, 2009 3:39 pm
- Forum: PHP - Code
- Topic: Somethings wrong but I cant see it!
- Replies: 3
- Views: 96
Somethings wrong but I cant see it!
I have a problem but I can’t understand why it’s not working. I have a function which checks a db to see if an ip is registered on it, if it’s not then it logs the ip. If it is then it updates a count. Once the count goes over 3 the ip is 'blocked'. Now I know that my IP is stored in the db so the f...
- Mon Dec 21, 2009 12:51 pm
- Forum: PHP - Code
- Topic: Call to a member function query_db() on a non-object?
- Replies: 2
- Views: 157
- Mon Dec 21, 2009 12:39 pm
- Forum: PHP - Code
- Topic: Call to a member function query_db() on a non-object?
- Replies: 2
- Views: 157
Call to a member function query_db() on a non-object?
Hi, Im getting the error Call to a member function query_db() on a non-object on the following line of code. $db->query_db($q); From function: function e_Check($e) { $q = "SELECT email FROM users WHERE email='$e'"; $db->query_db($q); return ($db->q_rows($db->q_resul...