Page 1 of 1

Form submissions, mcrypt and module load timeouts

Posted: Thu Feb 16, 2006 5:11 pm
by pwbjmv
Having a bear of a time with people complaining that their login forms (and any other encrypted access forms on my site) are randomly timing out our server. I've seen it myself too - randomly, but often enough to be annoying. I've talked to the hosting company about mcrypt and loading it's module, but they claim everything is fine (I was thinking server load or something). Has anyone seen this behavior with mcrypt only randomly loading and/or timing out form submissions? Using PHP 4.3.10.

Wondering if maybe I should just "leave the module open" or something? Load is probably dozens of people at once at the most. I'm fairly new to PHP so forgive if this is obvious and TIA.

Here is the code (can't remember where it came from and it's modified, but it's based on some class culled from somewhere online). It works well, when it works:

Code: Select all

<?
class crypto { 

  var $td; 

  function crypto($key = 'my_key_here', $iv = false, $algorithm = 'tripledes', $mode = 'ecb') 
  { 

    $this->td = mcrypt_module_open($algorithm, '', $mode, '') ; 

    $iv = ($iv === false) ? mcrypt_create_iv(mcrypt_enc_get_iv_size($this->td), MCRYPT_DEV_RANDOM) : substr($iv, 0, mcrypt_enc_get_iv_size($this->td)); 

    $expected_key_size = mcrypt_enc_get_key_size($this->td);
    $key = substr(md5($key), 0, $expected_key_size);
    mcrypt_generic_init($this->td, $key, $iv); 
  } 

  function encrypt($plain_string) 
  { 
    return base64_encode(mcrypt_generic($this->td, $plain_string)); 
  } 

  function decrypt($encrypted_string) 
  { 
    return trim(mdecrypt_generic($this->td, base64_decode($encrypted_string))); 
  } 
  function __destruct() 
  { 
    mcrypt_generic_deinit($this->td); 
    mcrypt_module_close($this->td); 
  } 

} 
?>
And a small sample of how it's called in one spot:

Code: Select all

$tlf = $_POST["password"];
		$ecry = new crypto;
		$ecrypt = $ecry->encrypt($tlf);
		$ecry->__destruct();
		
		$li = new cdb;
		$q = "SELECT * from usr where email='".$_POST["email"]."' and password='".$ecrypt."'";
		$li->query($q);