Form submissions, mcrypt and module load timeouts

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
pwbjmv
Forum Newbie
Posts: 1
Joined: Thu Feb 16, 2006 4:45 pm

Form submissions, mcrypt and module load timeouts

Post by pwbjmv »

Having a bear of a time with people complaining that their login forms (and any other encrypted access forms on my site) are randomly timing out our server. I've seen it myself too - randomly, but often enough to be annoying. I've talked to the hosting company about mcrypt and loading it's module, but they claim everything is fine (I was thinking server load or something). Has anyone seen this behavior with mcrypt only randomly loading and/or timing out form submissions? Using PHP 4.3.10.

Wondering if maybe I should just "leave the module open" or something? Load is probably dozens of people at once at the most. I'm fairly new to PHP so forgive if this is obvious and TIA.

Here is the code (can't remember where it came from and it's modified, but it's based on some class culled from somewhere online). It works well, when it works:

Code: Select all

<?
class crypto { 

  var $td; 

  function crypto($key = 'my_key_here', $iv = false, $algorithm = 'tripledes', $mode = 'ecb') 
  { 

    $this->td = mcrypt_module_open($algorithm, '', $mode, '') ; 

    $iv = ($iv === false) ? mcrypt_create_iv(mcrypt_enc_get_iv_size($this->td), MCRYPT_DEV_RANDOM) : substr($iv, 0, mcrypt_enc_get_iv_size($this->td)); 

    $expected_key_size = mcrypt_enc_get_key_size($this->td);
    $key = substr(md5($key), 0, $expected_key_size);
    mcrypt_generic_init($this->td, $key, $iv); 
  } 

  function encrypt($plain_string) 
  { 
    return base64_encode(mcrypt_generic($this->td, $plain_string)); 
  } 

  function decrypt($encrypted_string) 
  { 
    return trim(mdecrypt_generic($this->td, base64_decode($encrypted_string))); 
  } 
  function __destruct() 
  { 
    mcrypt_generic_deinit($this->td); 
    mcrypt_module_close($this->td); 
  } 

} 
?>
And a small sample of how it's called in one spot:

Code: Select all

$tlf = $_POST["password"];
		$ecry = new crypto;
		$ecrypt = $ecry->encrypt($tlf);
		$ecry->__destruct();
		
		$li = new cdb;
		$q = "SELECT * from usr where email='".$_POST["email"]."' and password='".$ecrypt."'";
		$li->query($q);
Post Reply