PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
neel_basu wrote:md5 can Be Decrypted here Is Someone Who Decrypt The md5 Encryption
Considering MD5 isn't encryption that'd be very difficult. All this is is a database of words with their hash. There's only 166,642,636 entries, that's not even scratched the surface when it comes to a security issue. Just remember to use a salt and there's no problem whatsoever.
The only people who panic about this sort of thing are people who don't really understand it.
///this is easy to crack
$my_word= "art";
$hashed = md5($my_word);
//this is not so easy
/* **************************************
* ENCRYPTATION *
*************************************** */
function encrypt($string){
$hash1 = "t0d0b1ch0qu3c4m1n4";
$hash2 = "v@par4rál4sàd0r";
return md5($hash1.$string.$hash2);
}
$hashed = encrypt($my_word);
// AND SO ON
is always a compromise between the security needed an the resources you expect to use (price, time, compexity,speed, etc.)
you may also split the digest result into 2 strings and store them in two db fields.....
creativity is always there to help us isn't it?
So I'll use cookies to store username and password for 2 weeks. Then ill check if cookies username and password foud and they match database, then ill set some session variables to gain logged access right?
To store such data in a coockie is really unsafe, I suggesto you to store for example some unique identification on coockie (you may use the MD5 hash of the user id for example) and then make a query where the coockie informations is equal to the user_id hashed . So you allways get a unique identification without compromising the password or username.
Is just a fast example to suggest you an idea, it would be better to think something cheaper (on resources) because this operation may hash the entire user_id table before get the match.
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
The only thing I may think of is that someone who is using public computer and not logging out compromises the security because someone else can check out the cookies for that computer... any other things to care about?
Hmm. Maybe hashing the password in the cookie. So no one can find out the orginal password, someone may log in with others details but cannot still know the password and therefore cannot even change it if I require a user to enter old password before changing it to new one. Is this correct?
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
I have register globals disabled so how could I someone set cookies through url? Also I didn't quite get that 'somaebad'... the username and password would be validated of course. No characters except a-z0-9 4-16 length or so...
If Someone Makes A False Cokie With Username as admin#
and Open Your Cokie In A Text Editor And Then Spoil Your Cokie
Opening It And Then Changing The Body Content Of That Cokie With
That Bad cokies Body Content
And The Let Your Cokie To Interact With Your php Script
neel_basu wrote:No '#' Would Make The Password As a Comment Line
But Although Its Too Dificult
If Someone Makes A False Cokie With Username as admin#
and Open Your Cokie In A Text Editor And Then Spoil Your Cokie
Opening It And Then Changing The Body Content Of That Cokie With
That Bad cokies Body Content
And The Let Your Cokie To Interact With Your php Script
Oh and again...
the $a and $b are validated completely. This means something like preg_match("/[\w]{4,16}/",$a); or so. I'm not aware of someone typing <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> in cookies. I'm more afraid of that someone may stole cookies and then someway use the information inside them to gain access.
Storing your password in a cookie is a horrible security practice. Just don't do it, ever. And technically your query is still vulnerable to SQL injection, at minimum pass your data through mysql_real_escape_string().
What are you trying to accomplish by storing the password? Not to mention any cracker with half talent can read your cookies?
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
Go to PC.
Open text file that contains the cookie data.
Change username to Admin
Change password to ' or 1 or ' (including apostrophes).
Hit submit
Woo! I'm an admin.
A very basic and very obvious example of an SQL injection attack.
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
Go to PC.
Open text file that contains the cookie data.
Change username to Admin
Change password to ' or 1 or ' (including apostrophes).
Hit submit
Woo! I'm an admin.
A very basic and very obvious example of an SQL injection attack.
Why you are not reading my code...
// Of course they have to be validated but not typing it now...
means that I check first for allowed chars a-z,0-9 and _ then I chekcthat lenght is between 4 and 16. then lastly ill addslashes(). Clear now?
$a = $_COOKIE["username"];
$b = $_COOKIE["password"];
// Of course they have to be validated but not typing it now...
$c = mysql_query("SELECT * FROM users WHERE username='$a' AND password='$b';");
if (mysql_num_rows($c))
$access = true;
Go to PC.
Open text file that contains the cookie data.
Change username to Admin
Change password to ' or 1 or ' (including apostrophes).
Hit submit
Woo! I'm an admin.
A very basic and very obvious example of an SQL injection attack.
Why you are not reading my code...
// Of course they have to be validated but not typing it now...
means that I check first for allowed chars a-z,0-9 and _ then I chekcthat lenght is between 4 and 16. then lastly ill addslashes(). Clear now?
You are mistaken, I have read your code fine, and your regex pattern will allow all characters as long as there are 4 alpha characters within the pattern.
\x1a username would pass, and likely cause your query to fail and give sensitive information to the cracker. Like a said, you want to AT MINIMUM pass all variables into the query through mysql_real_escape_string(), just in case something like this happens. Never rely on single layer security.