PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Wed Jun 03, 2020 8:28 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 11 posts ] 
Author Message
 Post subject: Opinions needed
PostPosted: Mon Jan 17, 2005 9:07 pm 
Offline
Forum Newbie

Joined: Thu Jan 13, 2005 11:31 pm
Posts: 5


Top
 Profile  
 
 Post subject:
PostPosted: Mon Jan 17, 2005 9:13 pm 
Offline
Forum Newbie

Joined: Thu Jan 13, 2005 11:31 pm
Posts: 5


Top
 Profile  
 
 Post subject:
PostPosted: Mon Jan 17, 2005 9:45 pm 
Offline
Forum Regular

Joined: Mon Oct 18, 2004 8:14 pm
Posts: 741


Top
 Profile  
 
 Post subject:
PostPosted: Mon Jan 17, 2005 9:47 pm 
Offline
Neighborhood Spidermoddy
User avatar

Joined: Mon Mar 29, 2004 4:24 pm
Posts: 31559
Location: Bothell, Washington, USA


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 5:41 am 
Offline
DevNet Master

Joined: Thu Jan 30, 2003 9:26 pm
Posts: 2893
Location: Glasgow, Scotland
The user id ought to be in the hash - also expiry time if you want to protect that from tampering.

Syntax: [ Download ] [ Hide ]
$mac = md5($expire . '+' . $user . '+' . $private_string);

$cookie_value = $expire . '+' . $user . '+' . $mac;


When you get a cookie back hash the submitted values for $expire and $user along with your private string, then compare that to the submitted $mac value. If the cookie has been tampered, and $expire or $user have changed, they won't match.


Last edited by McGruff on Sun Aug 07, 2005 3:38 am, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 7:56 am 
Offline
DevNet Master
User avatar

Joined: Thu Aug 15, 2002 5:53 am
Posts: 4235
Location: Sussex, UK


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 10:43 am 
Offline
Briney Mod
User avatar

Joined: Mon Jan 19, 2004 7:11 pm
Posts: 6446
Location: 53.01N x 112.48W

_________________
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 10:46 am 
Offline
Site Admin

Joined: Thu Apr 18, 2002 3:14 pm
Posts: 1767
Location: Montreal, CA


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 11:15 am 
Offline
Forum Contributor

Joined: Fri Jul 09, 2004 1:23 am
Posts: 422


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 11:16 am 
Offline
Forum Contributor

Joined: Fri Jul 09, 2004 1:23 am
Posts: 422


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jan 18, 2005 11:27 am 
Offline
DevNet Master
User avatar

Joined: Thu Aug 15, 2002 5:53 am
Posts: 4235
Location: Sussex, UK


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group