Passing a username through MD5 hash via link.
Moderator: General Moderators
-
Kainproductions
- Forum Newbie
- Posts: 4
- Joined: Wed Apr 05, 2006 1:22 pm
Passing a username through MD5 hash via link.
I'm currently working with a site that uses a partner site to administer tests. They basically want it so the user's username is passed through a MD5 hash (to store their username) when they click on a link to visit the partner site to take the test. I have searched all over but have had no luck find any tutorials or information on how do this quickly. Any suggestions?
-
Kainproductions
- Forum Newbie
- Posts: 4
- Joined: Wed Apr 05, 2006 1:22 pm
Ok here's the scenario. The user is currently logged into the site. In order for them to take a test they have to visit another website we have partnered with to give the tests. The partner site wants it so when the user clicks on the url to visit the partner to site, the user's username only is sent through the url to the partner sit so they can store the test results for the particular user. To protect the user's username they want us to pass it through a MD5 hash which would be translated back to the username on their end. How would I do this?
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
when you generate the URL for the test, add the md5() to it:
Code: Select all
echo '<a href="http://example.com/test/1234/?partner=331&user=' . md5($username) . '">Take the test.</a>';-
Kainproductions
- Forum Newbie
- Posts: 4
- Joined: Wed Apr 05, 2006 1:22 pm
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
-
Kainproductions
- Forum Newbie
- Posts: 4
- Joined: Wed Apr 05, 2006 1:22 pm
Can I do this alternatively with cookies? If so, how would I go about doing this? How would I grab the user's userid from their cookies and carry it over to the other site?
Last edited by Kainproductions on Mon Apr 10, 2006 1:12 pm, edited 1 time in total.
MyCrypt would be good for this sort of thing.
pif!
Code: Select all
/*
* encode protected link variable (sending server)
*/
function encode_key ( $str )
{
$obj = mcrypt_create_iv ( mcrypt_get_iv_size ( MCRYPT_XTEA, MCRYPT_MODE_ECB ), MCRYPT_RAND );
return ( bin2hex ( gzcompress ( mcrypt_encrypt ( MCRYPT_XTEA, SYS_KEY, $str, MCRYPT_MODE_ECB, $obj ), 9 ) ) );
}
// send usage
define ( 'SYS_KEY', 'my_super_secret_key' );
$str = 'some text to encrypt and protect';
$link = "<a href='http://www.test_site.com/path_to_test/script.php?user='" . encode_key ( $str ) . "'>Take Test</a>";Code: Select all
/*
* decode protected link variable (receiving server)
*/
function decode_key ( $str )
{
$str = @gzuncompress ( @pack ( 'H*', $str ) );
$obj = @mcrypt_create_iv ( @mcrypt_get_iv_size ( MCRYPT_XTEA, MCRYPT_MODE_ECB ), MCRYPT_RAND );
return ( @mcrypt_decrypt ( MCRYPT_XTEA, SYS_KEY, $str, MCRYPT_MODE_ECB, $obj ) );
}
// receiving usage
define ( 'SYS_KEY', 'my_super_secret_key' );
if ( isset ( $_GET['user'] ) )
{
$user = trim ( decode_key ( $_GET['user'] ) );
if ( valid_user ( $user ) === true )
{
// do test, valid user
}
else
{
// do error, not valid user
}
}