Hi there,
I need an encrypting function, but haven't got a clue where to start.
First a string has to be encrypted with two different encryption keys.
Both output should be anything a-z / A-Z / 0-9 with a fixed length
(e.g. 20 chars).
(Preferably the encryption keys should pick chars from a string i give
them,
to prevent l's and 1's, o's and 0's etc.)
Then they get inputted again ( say $_POST['name'] and $_POST['code'] )
and i have to decrypt them. I know $_POST['name'] should use
decode/encode-key 1,
and $_POST['code'] should use decode/encode-key 2.
Decoded they should be the same again.
(Example below.)
I hope it's kind of clear ...
Greetings frizzle.
-------- EXAMPLE --------
Input : foobar
Output key 1 : klKpUR867Biwr742gsBd
Output key 2 : 9KdfnbDSnd65sgh45hsd
$_POST['name'] : klKpUR867Biwr742gsBd
$_POST['code'] : 9KdfnbDSnd65sgh45hsd
Result : foobar ( $_POST['name'] === $_POST['code'] )
11  1919 
Following on from frizzle's message. . . Hi there,
I need an encrypting function, but haven't got a clue where to start.
Ummm...yes - where to start.
I can't help feeling that you are not using the right method to do what
you're /really/ trying to achieve. If something is getting re-inputted
then why bother? If you want random numbers then you can generate
random strings with rand and md5 functions *and check input against
session vars* or values regenerated from a database seed.
There's an easy way to avoid o0 etc and that's by replacing one with
a distinctive character. NB 5s, 8B,1L,4A - many screens don't tell you.
I have a hunch you're trying too hard, but without a clearer idea of
what you're trying to do can't go further.
First a string has to be encrypted with two different encryption keys.
Both output should be anything a-z / A-Z / 0-9 with a fixed length
(e.g. 20 chars).
(Preferably the encryption keys should pick chars from a string i give
them,
to prevent l's and 1's, o's and 0's etc.)
Then they get inputted again ( say $_POST['name'] and $_POST['code'] )
and i have to decrypt them. I know $_POST['name'] should use
decode/encode-key 1,
and $_POST['code'] should use decode/encode-key 2.
Decoded they should be the same again.
(Example below.)
I hope it's kind of clear ...
Greetings frizzle.
-------- EXAMPLE --------
Input : foobar
Output key 1 : klKpUR867Biwr742gsBd
Output key 2 : 9KdfnbDSnd65sgh45hsd
$_POST['name'] : klKpUR867Biwr742gsBd
$_POST['code'] : 9KdfnbDSnd65sgh45hsd
Result : foobar ( $_POST['name'] === $_POST['code'] )
--
PETER FOX Not the same since the porcelain business went down the pan pe******@eminent.demon.co.uk.not.this.bit.no.html
2 Tees Close, Witham, Essex.
Gravity beer in Essex <http://www.eminent.demon.co.uk>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
frizzle wrote: Hi there,
I need an encrypting function, but haven't got a clue where to start.
Maybe by RTFM? http://php.net/manual/en/ref.mcrypt.php
- --
- ----------------------------------
Iván Sánchez Ortega -i-punto-sanchez--arroba-mirame-punto-net http://acm.asoc.fi.upm.es/~mr/
Proudly running Debian Linux with 2.6.12-1-686 kernel, KDE3.5.0, and PHP
5.1.2-1 generating this signature.
Uptime: 01:22:27 up 4:11, 1 user, load average: 0.57, 0.31, 0.18
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFD1sTm3jcQ2mg3Pc8RAiC0AJ9nMHtEv24XBLrO5aWnTI vc940TswCePFOj
AscAJ7+AFeXveYKrlY+iNOo=
=7Y0o
-----END PGP SIGNATURE-----
Carl Vondrick wrote: You may want to look into Mcrypt
(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com... Carl Vondrick wrote: You may want to look into Mcrypt
(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
Not sure, but sounds like a CAPTCHA. They can be OCR'd
(http://www.ocr-research.org.ua/ ) from what I found in an earlier post.
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
Thanks, indeed that's what i meant.
Apparently it's a weaker system then i imagined.
I guess i'll have to find another alternative again ... :(
Greetings Frizzle.
Jim Michaels wrote: "frizzle" <ph********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com... Carl Vondrick wrote: You may want to look into Mcrypt
(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
Not sure, but sounds like a CAPTCHA. They can be OCR'd
(http://www.ocr-research.org.ua/ ) from what I found in an earlier post.
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
frizzle wrote: Thanks, indeed that's what i meant.
Apparently it's a weaker system then i imagined.
I guess i'll have to find another alternative again ... :(
Greetings Frizzle.
Jim Michaels wrote:
"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.google groups.com...
Carl Vondrick wrote:
You may want to look into Mcrypt
(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
Not sure, but sounds like a CAPTCHA. They can be OCR'd
(http://www.ocr-research.org.ua/ ) from what I found in an earlier post.
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
Why? Is this a high security site?
OCR'ing CAPTCHA images does take time and effort - each one is typically
different. What would be on your site which would require that much effort?
Not to denigrate your site in any form - but the fact is, spammers
et.al. wouldn't bother with 99.99999% of the CAPTCHA images. They'll
just go onto another site.
It's like your front door. Your lock isn't unpickable - it just
requires time and effort on a burglar's part to pick. However, you lock
your door anyway, because it's a deterrent - the burglar will most
likely move on (unless you're storing Fort Knox inside).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
==================
Jerry Stuckle wrote: frizzle wrote: Thanks, indeed that's what i meant.
Apparently it's a weaker system then i imagined.
I guess i'll have to find another alternative again ... :(
Greetings Frizzle.
Jim Michaels wrote:
"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.google groups.com...
Carl Vondrick wrote:
>You may want to look into Mcrypt
>(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
>what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
Not sure, but sounds like a CAPTCHA. They can be OCR'd
(http://www.ocr-research.org.ua/ ) from what I found in an earlier post.
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
Why? Is this a high security site?
OCR'ing CAPTCHA images does take time and effort - each one is typically
different. What would be on your site which would require that much effort?
Not to denigrate your site in any form - but the fact is, spammers
et.al. wouldn't bother with 99.99999% of the CAPTCHA images. They'll
just go onto another site.
It's like your front door. Your lock isn't unpickable - it just
requires time and effort on a burglar's part to pick. However, you lock
your door anyway, because it's a deterrent - the burglar will most
likely move on (unless you're storing Fort Knox inside).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Well you're probably right, but i also still haven't found a 'good'
CAPTCHA method that doesn't rely on sessions.
I'd like to have two inputs: 1 by the user, and one hidden formfield,
each with their own decryption key, and compare those,
but i haven't found a proper encryption / decryption function yet, that
is good, but quite easy to understand (not to break! ;) )
Frizzle.
"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@o13g2000cwo.googlegr oups.com... Jerry Stuckle wrote: frizzle wrote: > Thanks, indeed that's what i meant.
> Apparently it's a weaker system then i imagined.
> I guess i'll have to find another alternative again ... :(
>
> Greetings Frizzle.
>
>
> Jim Michaels wrote:
>
>>"frizzle" <ph********@gmail.com> wrote in message
>>news:11**********************@z14g2000cwz.google groups.com...
>>
>>>Carl Vondrick wrote:
>>>
>>>>You may want to look into Mcrypt
>>>>(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
>>>>what are you really try to achieve?
>>>
>>>What i'm trying to do is build a way of security that a human is
>>>submitting a form.
>>>I know there are ways out there already, but i also have other
>>>purposes
>>>in mind.
>>>
>>>Example:
>>>
>>>Image random generated according to key 1:
>>>
>>> image.php?txt=kjGKUGFfas8gkjafKfasdf
>>>
>>>The image is a php file, getting $_GET['txt'], decrypt it according
>>>key 1, and encrypt it according to key 2. The second encrypting
>>>becomes visible in the actual image.
>>>
>>>I have a have a hidden form field with the value of key 1, and the
>>>visitor has to insert the text from the image / key 2 into a form
>>>field.
>>>
>>>Then after posting i compare the decrypted hidden formfield's value
>>>against the user submitted value ( / image's value). if they match,
>>>the user read the image, and is human ...
>>
>>Not sure, but sounds like a CAPTCHA. They can be OCR'd
>>(http://www.ocr-research.org.ua/ ) from what I found in an earlier
>>post.
>>
>>
>>>It might sound stupid, sloppy or whatever, but i'm just trying to
>>>achieve my goal.
>>>
>>>Thanks.
>>>
>
>
Why? Is this a high security site?
OCR'ing CAPTCHA images does take time and effort - each one is typically
different. What would be on your site which would require that much
effort?
Not to denigrate your site in any form - but the fact is, spammers
et.al. wouldn't bother with 99.99999% of the CAPTCHA images. They'll
just go onto another site.
It's like your front door. Your lock isn't unpickable - it just
requires time and effort on a burglar's part to pick. However, you lock
your door anyway, because it's a deterrent - the burglar will most
likely move on (unless you're storing Fort Knox inside).
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Well you're probably right, but i also still haven't found a 'good'
CAPTCHA method that doesn't rely on sessions.
I'd like to have two inputs: 1 by the user, and one hidden formfield,
each with their own decryption key, and compare those,
but i haven't found a proper encryption / decryption function yet, that
is good, but quite easy to understand (not to break! ;) )
Frizzle.
use MD5 digits as an index into a dictionary array, and use soundex to
compare words in case they mistype, using only a subset of the md5 string?
"Jerry Stuckle" <js*******@attglobal.net> wrote in message
news:sq********************@comcast.com... frizzle wrote: Thanks, indeed that's what i meant.
Apparently it's a weaker system then i imagined.
I guess i'll have to find another alternative again ... :(
Greetings Frizzle.
Jim Michaels wrote:
"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@z14g2000cwz.googl egroups.com...
Carl Vondrick wrote:
>You may want to look into Mcrypt
>(http://us3.php.net/manual/en/ref.mcrypt.php). But, with Peter said,
>what are you really try to achieve?
What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.
Example:
Image random generated according to key 1:
image.php?txt=kjGKUGFfas8gkjafKfasdf
The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.
I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form
field.
Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...
Not sure, but sounds like a CAPTCHA. They can be OCR'd
(http://www.ocr-research.org.ua/ ) from what I found in an earlier post.
It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.
Thanks.
Why? Is this a high security site?
OCR'ing CAPTCHA images does take time and effort - each one is typically
different. What would be on your site which would require that much
effort?
Not to denigrate your site in any form - but the fact is, spammers et.al.
wouldn't bother with 99.99999% of the CAPTCHA images. They'll just go
onto another site.
It's like your front door. Your lock isn't unpickable - it just requires
time and effort on a burglar's part to pick. However, you lock your door
anyway, because it's a deterrent - the burglar will most likely move on
(unless you're storing Fort Knox inside).
I think he's got a point there. I dunno. here's one. Won't guarantee it.
there's better ones out there that mangle fonts.
http://wp-plugins.net/plugin/captcha/
I've looked through the GD source code. it can't mangle fonts. only rotate
them. for that you're probably looking at making a DLL with the bitstream
library or something like that, or relying on windows' truetype font
rendering engine to render a bitmap, which could possibly do the job.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
================== This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: steve |
last post by:
Hi,
I know there are a few free and paid php source code encryption
scripts around. Has anyone used one, and any feedback?
I am interested in encrypting source that is placed on a remote host....
|
by: Piotr |
last post by:
MS has published on its sites javascript encoder, which enables "encrypting"
javascript code. It allows hiding js code from being seen as a text file.
There is a decoder for it, available in the...
|
by: Dayne |
last post by:
Guys,
I am writing a database application(vb.net , sql server) and is presently
storing the connection settings in a xml file...not very secure though. What
is a safer method in a dynamic...
|
by: jimfortune |
last post by:
This idea is still in the process of formulation. I'm considering the
idea of storing encrypted data in memo fields. Since the data is for
internal use only I don't think the legal limits on...
|
by: Richard L Rosenheim |
last post by:
Anyone care to express their two cents over pros and cons of encrypting the
data being transmitted (within the SOAP package) versus just utilizing a
HTTPS connection?
Richard Rosenheim
|
by: Gernot Frisch |
last post by:
Hi,
I want to build a encryption macro set, that can crypt:
char secret = CRYPT("KungFu");
to anything unreadable, and then have a function:
char* DECRYPT(char* str)
{
...
|
by: Amar |
last post by:
Hi All,
I want to insert my password into the mysql database by encrypting it
so that I can also retrieve the password. Before I was using sha1()
for encrypting password,but it is an one way...
|
by: SeeSharp Bint |
last post by:
Visual Studio 2005, dotnet, c#. Microsoft SQL Server. Windows XP forms
application.
Temporarily, for my database application, I have been storing the various
elements of database connection...
|
by: pavanponnapalli |
last post by:
hi,
I have entered a value in a text box , i have called a javascript function.
There i have written as under:
);
alert(old1); ]
I am not getting any error message in the javascript ,...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
