"ElaK" <ws*****@medianet.pl> wrote in message
news:c1**************************@posting.google.c om...
Hello all,
I have the case I need to solve in PHP with Hasp keys.
I need to keep an authentication via Hasp key attached to port
‘lpt’ on client PC.
My question is how to do via I.E.
I wonder if PHP API can check the key ID on client PC and send it back
to the server?
Any suggestions more then welcome...
Grzegorz
Not sure I understand you, is you question:
Can server side PHP check a HASP device over the internt on a client PC
runing Internet Explorer?
Short answer, NO
However it is possible to retrieve the HASP key, Since there is a HASP
device, there is a great chance you are locking them into a system, so why
not lock them into Internet Explorer as well, just create an Active-X object
that will sit on a web page. The Active-X object has full controll of the
client system, thus it can interact with the Windows API. HAve the Active-X
object read the HASP, and forward it to your PHP script via a http call.
Warning though, anyone with a packet sniffer will be able to see the info,
so it is best you encrypt it on the cleint side before sending, also, change
the encryption to a random one each time it is run to prevent someone from
just capturing the enctyped key.
Example, I did some security testing for Monster.com, and they were setting
an encypted session cookie, well, wrote an app that would send the encytped
cookie back, and never let in expire, then I had full access 100% of the
time even with an expired account.
--
Mike Bradley
http://www.gzentools.com -- free online php tools
