|
PHP - Using Php To Encrypt/decrypt Data To And From The Database
Hello everyone... I am developing a software as a service program for use by multiple companies, each would have their own instance of the application... The part that I am not really to clear on, is what would be the most secure, with low latency, PHP method of encrypting/decrypting data to and from the database... all data is sent over SSL... I would also want to use a unique key for each company... Access to the program itself is protected from the outside by a user based log in system...
Similar TutorialsI am currently recoding a website from ASP to PHP. The aim is for a customer to add items to a cart, fill in their credit card details. Then an email is encrypted (on the secure website) and sent to the client. The client then opens the email on her PC and it is decoded either when she opens the e-mail, or downloads an attachment that can be opened by a program that requires a password. Once entered the order is revealed, the e-mail is decrypted. I just wondered if anyone has any link to sites where I can download the de-crypting software to install on the clients machine. Or any other ideas on sending an encrypting email and decrypting on the recipients computer. Many thanks. Hi. I purchased software for a PayPal subscription management system, and it relies on user verification by way of a username (email address) and a hashed password. I have also developed my own login scripts for an application which also uses a hashed md5 password and all that works fine. I want to integrate my scripts with the purchased software using the supplied mySql database tables. My problem is that the supplied software goes a step further than a hashed md5 password by applying initializing vectors to the hashed password. I cannot figure out how to modify my login code to accommodate the encrypted password that appears in the database. It is beyond my current abilities to work this out on my own. I'd really appreciate it if anyone can help. I've attached my own login script below, and Ive attached what I believe is the decryption code that comes with the purchased software. There is also a database file that relates to this. Hope someone can help me. <?php session_start(); if ($_POST['password']) { //Connect to the database include_once "db_connect.php"; $email = stripslashes($_POST['payer_email']); $email = strip_tags($email); $email = mysql_real_escape_string($email); $password = preg_replace("/[^A-Za-z0-9]/", "", $_POST['password']); // filter everything but numbers and letters $password = md5($password); // Make query and then register all relevant database data into SESSION variables. $sql = mysql_query("SELECT * FROM sec_tblusers WHERE payer_email='$email' AND password='$password' AND signedup='1'") or die("failed"); $login_check = mysql_num_rows($sql); if($login_check > 0){ while($row = mysql_fetch_array($sql)){ // Get member data into a session variable $id = $row["recid"]; session_register('recid'); $_SESSION['recid'] = $id; $payer_email = $row["payer_email"]; session_register('payer_email'); $_SESSION['payer_email'] = $payer_email; $password = $row["password"]; session_register('password'); $_SESSION['password'] = $password; $iv = $row["iv"]; session_register('iv'); $_SESSION['iv'] = $iv; $signedup = $row["signedup"]; session_register('signedup'); $_SESSION['signedup'] = $signedup; $lastlogin = $row["lastlogin"]; session_register('lastlogin'); $_SESSION['lastlogin'] = $lastlogin; // Update last_log_date field for this member now mysql_query("UPDATE sec_tblusers SET lastlogin=now() WHERE recid='$id'"); // Print success message here then exit the script //header("location: member_profile.php?id=$id"); header("location: adduser.php?id=$id"); exit(); } // close while } else { // Print login failure message to the user and link them back to your login page print '<br /><br /><font color="#FF0000">You do not show in our records as a subscriber. Has the subscription expired?</font><br /> <br /><a href="../main.php">Click here</a> to go back.'; exit(); } }// close if post ?> What I think is the decrypting code that comes with the purchased software goes like this. <?php //--------------------------------------- //Given the payer_email address, return the decrypted password function getpassword($payer_email, $dbhost, $dbusername, $dbpass, $dbname, $dbprefix, &$message) { $dl = new DataLayer(); $dl->debug=false; $dl->connect( $dbhost, $dbusername, $dbpass, $dbname ) or die ( "Database connection error " . $dl->geterror() ); //SELECT password, iv FROM sec_tblusers WHERE payer_email = '" . $payer_email . "'" $cols = array("password", "iv"); $table = $dl->select( $dbprefix."sec_tblusers", "", $cols, "payer_email = '$payer_email'", "" ); if ($dl->geterror()) { $message = "SQL error - user.php ref 58 " . $dl->geterror(); exit; } $IV = $table[0]['iv']; $password = $table[0]['password']; $decryption = new password($IV, $password); $decryption->decode(); $decode = $decryption->getdecodedtext(); return $decode; } //------------------------------------ ?> The database table is here. Code: [Select] -- Table structure for table `sec_tblusers` -- CREATE TABLE `sec_tblusers` ( `recid` int(11) NOT NULL AUTO_INCREMENT, `payer_email` varchar(100) NOT NULL, `password` varchar(50) DEFAULT NULL, `iv` int(11) DEFAULT NULL, `signedup` int(11) NOT NULL DEFAULT '0', `signupdate` datetime NOT NULL, `lastlogin` datetime NOT NULL, PRIMARY KEY (`recid`), UNIQUE KEY `payer_email` (`payer_email`), KEY `password` (`password`), KEY `signedup` (`signedup`), KEY `lastlogin` (`lastlogin`), KEY `signupdate` (`signupdate`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=22 ; -- -- Dumping data for table `sec_tblusers` -- INSERT INTO `sec_tblusers` (`recid`, `payer_email`, `password`, `iv`, `signedup`, `signupdate`, `lastlogin`) VALUES (5, 'someone@gmail.com', 'cRbeAWgN3 ', 316, 1, '0000-00-00 00:00:00', '2010-11-10 22:29:06'), (6, 'someoneelse@gmail.com', 'cRbeAWgN3 ', 269, 1, '0000-00-00 00:00:00', '0000-00-00 00:00:00'); I suspect that there may be some other relevant code in the purchased software, and I could hunt that up if someone could tell me what I should look for. Anyway, I'm really in need of some help, or some advice. Cheers, everyone. How can I encrypt POST data from a form? Basically, I want to ensure that the data on the form is not in plain text ever. Is this possible? <form method="post"> <input type="text" name="email" size="40"> <input type="password" name="password"/> ... Basically, when this posts, I want to do a foreach on $_POST and see something like: password = 1f3870be274f6c49b3e31a0c6728957f and not password = stringTheUserTyped I hope what I'm asking for is clear. (PHP 5.2.14) Thanks! Hello to all, I have problem figuring out how to properly display data fetched from MySQL database in a HTML table. In the below example I am using two while loops, where the second one is nested inside first one, that check two different expressions fetching data from tables found in a MySQL database. The second expression compares the two tables IDs and after their match it displays the email of the account holder in each column in the HTML table. The main problem is that the 'email' row is displayed properly while its while expression is not nested and alone(meaning the other data is omitted or commented out), but either nested or neighbored to the first while loop, it is displayed horizontally and the other data ('validity', 'valid_from', 'valid_to') is not displayed.'
Can someone help me on this, I guess the problem lies in the while loop? <thead> <tr> <th data-column-id="id" data-type="numeric">ID</th> <th data-column-id="email">Subscriber's Email</th> <th data-column-id="validity">Validity</th> <th data-column-id="valid_from">Valid From</th> <th data-column-id="valid_to">Valid To</th> </tr> </thead> Here is part of the PHP code:
<?php
while($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
echo '
<tr>
<td>'.$row["id"].'</td>
';
while ($row1 = $stmt1->fetch(PDO::FETCH_ASSOC)) {
echo '
<td>'.$row1["email"].'</td>
';
}
if($row["validity"] == 1) {
echo '<td>'.$row["validity"].' month</td>';
}else{
echo '<td>'.$row["validity"].' months</td>';
}
echo ' <td>'.$row["valid_from"].'</td>
<td>'.$row["valid_to"].'</td>
</tr>';
}
?>
Thank you. hi guys, im new to this forum I'm new also to php, I need help from you guys: I want to display personal information from a certain person (the data is on the mysql database) using his name as a link: example: (index.php) names 1. Bill Gates 2. Mr. nice Guy i want to click Bill Gates (output.php) Name: Bill Gates Country:xxxx Age: xx etc. How can i make this or how to learn this? Hi, I've currently started to modify a chat script of mine to output a moderation panel but the moderation page seems empty(blank) every time I load it. What im trying to do is to take the ID part in my URL via the $_GET and look it up in my database table in the column named id, then select that specific row to be able to retrieve the StringyChat_ip and place it into another table to ban the IP and the second thing im trying to do is to be able to delete the specific row from my table.
My Http link look something like
http://imagecrab.fre.../ban.php?id=159
and my ban.php page where I want to lookup the 159 part and do the banning etc looks like
<?
include("admin_code_header.php");
if ($_POST["DeletePost"]) {
$id = $_POST['id'];
$query = "DELETE FROM ".$dbTable." WHERE id='".$id."'";
mysql_query($query);
echo "ID removed from system: ".$id;
}
if ($_POST["BanIP"]) {
$IP_To_Add = $_POST["ip"];
$sql = "INSERT INTO ".$IPBanTable." (ip) VALUES (\"$IP_To_Add\")";
$result = mysql_query($sql);
}
$result = mysql_query("SELECT * FROM ".$dbTable." WHERE id='".$id."'",$db);
while ($myrow = mysql_fetch_array($result)) {
$msg = $myrow["StringyChat_message"];
$idm = $myrow["id"];
?>
<html>
<form name="form<? echo $myrow["id"];?>" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input name="DeletePost" type="submit" id="DeletePost" value="Delete">
<input name="BanIP" type="submit" id="BanIP" value="Ban <? echo $myrow["StringyChat_ip"];?>">
</form>
</html>
<?
}
?>
Hi.. Sorry, if I need to repost my problem in while loop. cause until now I can't resolve my problem in saving all data from while loop. I have this code StockRequisition.php where FORM was displayed. <?php error_reporting(0); date_default_timezone_set("Asia/Singapore"); //set the time zone $con = mysql_connect('localhost', 'root',''); if (!$con) { echo 'failed'; die(); } mysql_select_db("mes", $con); $sr_date =date('Y-m-d H:i:s'); $sql = "SELECT sr_number FROM stock_requisition ORDER BY sr_date DESC LIMIT 1"; $result = mysql_query($sql, $con); if (!$result) { echo 'failed'; die(); } $total = mysql_num_rows($result); if ($total <= 0) { $currentSRNum = 1; $currentYear = (int)(date('y')); $currentMonth = (int)(date('m')); $currentDay = (int)(date('d')); $currentSRYMD = substr($row['sr_number'], 0, 6); $currentYMD = date("ymd"); if ($currentYMD > $currentSRYMD) { $currentSRNum = 1; } else { $currentSRNum += 1; } } else { //------------------------------------------------------------------------------------------------------------------ // Stock Number iteration.... $row = mysql_fetch_assoc($result); $currentSRNum = (int)(substr($row['sr_number'],0,3)); $currentSRYear = (int)(substr($row['sr_number'],2,2)); $currentSRMonth = (int)(substr($row['sr_number'],0,2)); $currentSRNum = (int)(substr($row['sr_number'],6,4)); $currentYear = (int)(date('y')); $currentMonth = (int)(date('m')); $currentDay = (int)(date('d')); $currentSRYMD = substr($row['sr_number'], 0, 6); $currentYMD = date("ymd"); if ($currentYMD > $currentSRYMD) { $currentSRNum = 1; } else { $currentSRNum += 1; } } //------------------------------------------------------------------------------------------------------------------ $yearMonth = date('ymd'); $currentSR = $currentYMD . sprintf("%04d", $currentSRNum); ?> <html> <title>Stock Requisition</title> <head> <link rel="stylesheet" type="text/css" href="kanban.css"> <script type="text/javascript"> function save_sr(){ var sr_date = document.getElementById("sr_date").value; var sr_number = document.getElementById("sr_number").value; var Items1 = document.getElementById("Items1").value; var SubItems = document.getElementById("SubItems").value; var ItemCode = document.getElementById("ItemCode").value; var DemandedQty = document.getElementById("DemandedQty").value; var UoM = document.getElementById("UoM").value; var Class = document.getElementById("Class").value; var Description = document.getElementById("Description").value; var BINLocation = document.getElementById("BINLocation").value; var RequestedBy = document.getElementById("RequestedBy").value; var ApprovedBy = document.getElementById("ApprovedBy").value; var ReceivedBy = document.getElementById("ReceivedBy").value; var IssuedBy = document.getElementById("IssuedBy").value; document.stock_requisition.action="StockRequisitionSave.php?sr_date="+sr_date+"&sr_number="+sr_number+"&Items1="+Items1+ "&SubItems="+SubItems+"&ItemCode="+ItemCode+"&DemandedQty="+DemandedQty+"&UoM="+UoM+"&Class="+Class+"&Description="+ Description+"&BINLocation="+BINLocation+"&RequestedBy="+RequestedBy+"&ApprovedBy="+ApprovedBy+"&ReceivedBy="+ReceivedBy+ "&IssuedBy="+IssuedBy; document.stock_requisition.submit(); alert("Stock Requisition data save."); window.location = "StockRequisition.php"; } </script> </head> <body> <form name="stock_requisition" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <div id="ddcolortabs"> <ul> <li> <a href="ParameterSettings.php" title="Parameter Settings"><span>Parameter Settings</span></a></li> <li style="margin-left: 1px"><a href="kanban_report.php" title="WIP Report"><span>Wip Report</span></a></li> <li><a href="fsn.php" title="Finished Stock Note"><span>WMS FG</span></a></li> <li id="current"><a href="StockRequisition.php" title="WMS RM"><span>WMS RM</span></a></li> </ul> </div> <div id="ddcolortabs1"> <ul> <li><a href="ReceivingMaterials.php" title="Receiving Materials"><span>Receiving Materials</span></a></li> <li><a href="Shelving.php" title="Shelving"><span>Shelving</span></a></li> <li id="current"><a href="StockRequisition.php" title="Stock Requisition"><span>Stock Requisition</span></a></li> </ul> </div> <div id="SR_date"> <label>Date :</label> <input type="text" name="sr_date" value="<?php echo $sr_date; ?>" size="16" readonly="readonly" style="border: none;"> </div> <div id="SR_number"> <label>SR# :</label> <input type="text" name="sr_number" value="<?php echo $currentSR; ?>" size="10" readonly="readonly" style="font-weight: bold; border: none;"> <br/> </div> <div> <table> <thead> <th>Items</th> <th>Sub Items</th> <th>Item Code</th> <th>Demanded Qty</th> <th>UoM</th> <th>Class</th> <th>Description</th> <th>BIN Location</th> </thead> <?php $sql = "SELECT DISTINCT Items FROM bom_subitems ORDER BY Items"; $res_bom = mysql_query($sql, $con); while($row = mysql_fetch_assoc($res_bom)){ $Items = $row['Items']; echo "<tr> <td style='border: none;font-weight: bold;'> <input type='name' value='$Items' name='Items' id='Items' readonly = 'readonly' style = 'border:none;width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='5'></td> </tr>"; $sql = "SELECT Items, SubItems, ItemCode, UoM, Class, Description, BINLocation FROM bom_subitems WHERE Items = '$Items' ORDER BY Items"or die(mysql_error()); $res_sub = mysql_query($sql, $con); while($row_sub = mysql_fetch_assoc($res_sub)){ $Items1 = $row_sub['Items']; $SubItems = $row_sub['SubItems']; $ItemCode = $row_sub['ItemCode']; $UoM = $row_sub['UoM']; $Class = $row_sub['Class']; $Description = $row_sub['Description']; $BINLocation = $row_sub['BINLocation']; echo "<tr> <td style='border: none;'> <input type='hidden' value='$Items1' id='Items1' name='Items1'></td> <td style='border: none;'> <input type='text' name='SubItems' value='$SubItems' id='SubItems' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='10'></td> <td style='border: none;'> <input type='text' name='ItemCode' value='$ItemCode' id='ItemCode' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='10'></td> <td style='border: none;'><center><input type='text' name='DemandedQty' id='DemandedQty' value='' size='7'></center></td> <td style='border: none;' size='3'> <input type='text' name='UoM' value='$UoM' id='UoM' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='3'></td> <td style='border: none;'> <input type='text' name='Class' value='$Class' id='Class' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='10'></td> <td style='border: none;'> <input type='text' name='Description' value='$Description' id='Description' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='10'></td> <td style='border: none;'> <input type='text' name='BINLocation' value='$BINLocation' id='BINLocation' readonly='readonly' style='border:none; width:auto;font-family: Arial, Helvetica, sans-serif;font-size: 1em;' size='10'></td> </tr>"; } } ?> </table> </div> <?php $RequestedBy = array('AAA', 'BBB', 'CCC', 'DDD'); $ApprovedBy = array('EEE', 'FFF', 'GGG', 'HHH'); $ReceivedBy = array('III', 'JJJ', 'KKK', 'LLL'); $IssuedBy = array('MMM', 'NNN', 'OOO', 'PPP'); ?> <div id='Requested_By'> <label>Requested By:</label> <select name="RequestedBy"> <option value="Select">Select</option> <option value="AAA" <?php if($_POST['RequestedBy'] == 'AAA') echo "selected='selected'"; ?>>AAA</option> <option value="BBB" <?php if($_POST['RequestedBy'] == 'BBB') echo "selected='selected'"; ?>>BBB</option> <option value="CCC" <?php if($_POST['RequestedBy'] == 'CCC') echo "selected='selected'"; ?>>CCC</option> <option value="DDD" <?php if($_POST['RequestedBy'] == 'DDD') echo "selected='selected'"; ?>>DDD</option> </select> </div> <div id='Approved_By'> <label>Approved By:</label> <select name="ApprovedBy"> <option name='Select'>Select</option> <option value="EEE" <?php if($_POST['ApprovedBy'] == 'EEE') echo "selected='selected'"; ?>>EEE</option> <option value="FFF" <?php if($_POST['ApprovedBy'] == 'FFF') echo "selected='selected'"; ?>>FFF</option> <option value="GGG" <?php if($_POST['ApprovedBy'] == 'GGG') echo "selected='selected'"; ?>>GGG</option> <option value="HHH" <?php if($_POST['ApprovedBy'] == 'HHH') echo "selected='selected'"; ?>>HHH</option> </select> </div> <div id='Received_By'> <label>Issued By:</label> <select name="IssuedBy"> <option name='Select'>Select</option> <option value="III" <?php if($_POST['ReceivedBy'] == 'III') echo "selected='selected'"; ?>>III</option> <option value="JJJ" <?php if($_POST['ReceivedBy'] == 'JJJ') echo "selected='selected'"; ?>>JJJ</option> <option value="KKK" <?php if($_POST['ReceivedBy'] == 'KKK') echo "selected='selected'"; ?>>KKK</option> <option value="LLL" <?php if($_POST['ReceivedBy'] == 'LLL') echo "selected='selected'"; ?>>LLL</option> </select> </div> <div id='Issued_By'> <label>Received By:</label> <select name="ReceivedBy"> <option name='Select'>Select</option> <option value="MMM" <?php if($_POST['IssuedBy'] == 'MMM') echo "selected='selected'"; ?>>MMM</option> <option value="NNN" <?php if($_POST['IssuedBy'] == 'NNN') echo "selected='selected'"; ?>>NNN</option> <option value="OOO" <?php if($_POST['IssuedBy'] == 'OOO') echo "selected='selected'"; ?>>OOO</option> <option value="PPP" <?php if($_POST['IssuedBy'] == 'PPP') echo "selected='selected'"; ?>>PPP</option> </select> </div> <div id="save_btn"> <input type="button" name="button" value="save" onClick="save_sr()"> </div> </form> </body> </html> and here is StockRequisitionSave.php code for saving data to database : <?php error_reporting(0); date_default_timezone_set("Asia/Singapore"); //set the time zone $con = mysql_connect('localhost', 'root',''); if (!$con) { echo 'failed'; die(); } mysql_select_db("mes", $con); $sr_date = $_POST['sr_date']; $sr_number = $_POST['sr_number']; $Items1 = $_POST['Items1']; $SubItems = $_POST['SubItems']; $ItemCode = $_POST['ItemCode']; $DemandedQty = $_POST['DemandedQty']; $UoM = $_POST['UoM']; $Class = $_POST['Class']; $Description = $_POST['Description']; $BINLocation = $_POST['BINLocation']; $RequestedBy = $_POST['RequestedBy']; $ApprovedBy = $_POST['ApprovedBy']; $ReceivedBy = $_POST['ReceivedBy']; $IssuedBy = $_POST['IssuedBy']; $sql = "INSERT INTO stock_requisition (sr_date, sr_number, Items, SubItems, ItemCode, DemandedQty, UoM, Class, Description, BINLocation, RequestedBy, ApprovedBy, ReceivedBy, IssuedBy) VALUES ('$sr_date', '$sr_number', '$Items1', '$SubItems', '$ItemCode', '$DemandedQty', '$UoM', '$Class', '$Description', '$BINLocation', '$RequestedBy', '$ApprovedBy', '$ReceivedBy', '$IssuedBy') "; $result = mysql_query($sql, $con); ?> the problem is only the last data was save. I will attach my form. I hope somebody can help me.. I really don't know how can I save all data from form into my database. Thank you so much for your understanding and help. Hi, My understanding of 'SHA' command is to encrypt the password, however is there a way to decrypt the password after the encryption? Thanks $query = "INSERT INTO mismatch_user (username, password, join_date) VALUES ('$username', SHA('$password1'), NOW())"; what is a code to decrypt md5 password for viewing by member? the second database found on the cloud
i try to get JSON data but how to insert and update them to another online database with the same table my php script to return json data <?php include_once('db.php'); $users = array(); $users_data = $db -> prepare('SELECT id, username FROM users'); $users_data -> execute(); while($fetched = $users_data->fetch()) { $users[$fetchedt['id']] = array ( 'id' => $fetched['id'], 'username' => $fetched['name'] ); } echo json_encode($leaders);
i get
{"1":{"id":1,"username":"jeremia"},"2":{"id":2,"username":"Ernest"}} Edited March 24 by mahenda Hi I allow users to log in, they are redirected to a page and in the url their account ID is carried e.g. accountid=2. Obviously they could alter the number and potentially see other members details. What is the best way to hide this information? Thanks I have a form on our website that a user can fill out for custom product. I want the form data to be 1) stored into a mysql database AND after storing said data, 2) email the same data to our sales department. 1) The form data DOES get stored into mysql database (except for the first two fields, for some weird reason) 2) I added a "mail" section to the php file that stores the data into the database, but it is not working correctly. I have stripped the email portion down to sending just one of the fields in the "message" to make it easier for troubleshooting I have included here, both the form section of the html file, and the formdata.php file that processes the data for your analysis. I am relatively new to php so there are going to be some issues with security, but I can work on those after I get the store & email process to work correctly. Please review my code and see if anyone can be of assistance. I looked through the forums and couldn't find another issue that was the same as mine. If I just overlooked, please tell me the thread post #. Thanks THE FORM WHICH COLLECTS THE DATA ******************************* <form method=POST action=formdata.php> <table width="640" border=0 align="center"> <tr> <td align=right><b>First Name</b></td> <td><input type=text name=FName size=25></td> <td><div align="right"><b>Telephone</b></div></td> <td><input type=text name=Tel size=25></td> </tr> <tr> <td align=right><b>Last Name</b></td> <td><input type=text name=LName size=25></td> <td><div align="right"><b>Fax</b></div></td> <td><input type=text name=Fax size=25></td> </tr> <tr> <td align=right><b>Title</b></td> <td><input type=text name=Title size=25></td> <td><div align="right"><b>Email</b></div></td> <td><input type=text name=Email size=50></td> </tr> <tr> <td align=right><b>Company</b></td> <td><input type=text name=Comp size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Address</b></td> <td><input type=text name=Addr size=25></td> <td><div align="right"><b>Estimated Annual Volume</b></div></td> <td><input type=text name=EAV size=25></td> </tr> <tr> <td align=right><b>City</b></td> <td><input type=text name=City size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>State/Province</b></td> <td><input type=text name=SProv size=25></td> <td><div align="right"><b>Application</b></div></td> <td><input type=text name=Appl size=25></td> </tr> <tr> <td align=right><b>Country</b></td> <td><input type=text name=Ctry size=25></td> <td><div align="right"><b>Type of System</b></div></td> <td><input type=text name=Syst size=25></td> </tr> <tr> <td align=right><b>Zip/Postal Code</b></td> <td><input type=text name=ZPC size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td><div align="right"><strong><font color="#FFFF00" face="Arial, Helvetica, sans-serif">COIL DESIGN</font></strong></div></td> <td><font color="#FFFF00" face="Arial, Helvetica, sans-serif"><strong>PARAMETERS</strong></font></td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Primary Resistance (ohms)</b></td> <td><input type=text name=Pres size=25></td> <td><div align="right"><b>Primary Inductance (mH)</b></div></td> <td><input type=text name=Pind size=25></td> </tr> <tr> <td align=right><b>Secondary Resistance (ohms)</b></td> <td><input type=text name=Sres size=25></td> <td><div align="right"><b>Secondary Inductance (H)</b></div></td> <td><input type=text name=Sind size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Peak Operating Current (Amps)</b></td> <td><input type=text name=POC size=25></td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b>Output Energy (mJ)</b></td> <td><input type=text name=Egy size=25></td> <td><div align="right"><b>Output Voltage (kV)</b></div></td> <td><input type=text name=Volt size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right><b># HV Towers per Coil</b></td> <td><input type=text name=TPC size=25></td> <td><div align="right"><b># of Coils per Package</b></div></td> <td><input type=text name=CPP size=25></td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td align=right> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <th colspan=4><b>Please enter any additional information he </b></th> </tr> <tr> <th colspan=4><textarea name=Mess cols=50 rows=10 id="Message"></textarea></th> </tr> </table> </dl> <div align="center"> <p> <input type=hidden name=BodyTag value="<body bgcolor="#484589" text="#FFFFFF" link="#FFFF00" alink="#FFFFFF" vlink="#FF7F00">"> <input type=hidden name=FA value=SendMail> </p> <p><font color="#FFFF00" face="Arial, Helvetica, sans-serif"><strong>PLEASE MAKE SURE ALL INFORMATION<br> IS CORRECT BEFORE SUBMITTING</strong></font></p> <p> <input type=submit value="Submit Form"> </p> </div> </form> THE FILE THAT PROCESSES THE FORM DATA (formdata.php) *********************************************** <?php $con = mysql_connect("localhost","XXX","XXX"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("customform", $con); $sql="INSERT INTO formdata (Fname, Lname, Title, Comp, Addr, City, SProv, Ctry, ZPC, Tel, Fax, Email, EAV, Appl, Syst, Pres, Pind, Sres, Sind, POC, Egy, Volt, TPC, CPP, Mess) VALUES ('$_POST[Fname]','$_POST[Lname]','$_POST[Title]','$_POST[Comp]','$_POST[Addr]','$_POST[City]','$_POST[SProv]','$_POST[Ctry]','$_POST[ZPC]','$_POST[Tel]','$_POST[Fax]','$_POST[Email]','$_POST[EAV]','$_POST[Appl]','$_POST[Syst]','$_POST[Pres]','$_POST[Pind]','$_POST[Sres]','$_POST[Sind]','$_POST[POC]','$_POST[Egy]','$_POST[Volt]','$_POST[TPC]','$_POST[CPP]','$_POST[Mess]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Your Information Was Successfully Posted"; mysql_close($con); $to = "recipient email address here"; $subject = "Custom Form"; $email = $_POST['Email'] ; $message = $_POST['Comp'] ; $headers = "From: $Email"; $sent = mail($to, $subject, $message, $headers) ; if($sent) {print "Your mail was sent successfully"; } else {print "We encountered an error sending your mail"; } ?> Is there an alternative way to encode url params besides: base64_encode() examples would be great. Hi all I wonder if somebody could give me some guidance on this. I manage a website programmed in PHP and having MySQL backend. Recently some of my clients raised concerns about the security of their data. It is not credit card information or so, however I would like to sort it out. I have a button on the web site which the clients click to tell me that their data should now be analysed and a report sent to them. My php program pulls out the records for this particular user and writes them into an excel file on my web space(on a shared hosting). The same php program then attaches this excel file to an email and sent it to me. I want to make sure that this data in the excel file is securely transmitted during the above process. Any help would be much appreciated. Carol Hi, I want to send a URL to a user with their name in it: index.php?user=tom how can I encrypt this name so that I can track what they do but if I was hacked nobody else could determine who the user was? Thanks Hi, for my php program running in command line (windows cmd), the user must login first, so my ques is how can they enter the password as ***** when they are typing for example? all help appreciated. Hello! I've got an issue! I'm trying to pass a very very long variable from JS to PHP through $_GET, but it seems too long for get. Is there any encryption function that works on both JS and PHP, so I can encrypt it in JS, send it though GET and decrypt it in PHP? Thanks ! Can php encrypt a link so that it's hidden or expires after a download or x number of days? An example of this use would be on music download sites. Hey guys! I have a doubt and this is a question that relates Flash and PHP... I have a flash (swf) file that grabs/sends variables from/to php. That swf file is FULLY encrypted and the paths to the PHP urls are also encrypted. Is there any other way a hacker could find out where and which my PHP files are located/named? Any ideas, suggestions? Thanks in advance! Cheers, This is my code it's not working.
$username = $_POST['username'];
$password = $_POST['password'];
$encrypt_password = md5($password);
$email = $_POST['email'];
$usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$encrypt_password'";
//--> Below is the INSERT Code
$query = "INSERT INTO `x_users` (username, password, email) VALUES ('$username', '$encrypt_password', '$email')";
$result = mysql_query($query);
if($result == 1) {
print("Thank you, your accout has been created!");
}
Can anyone tell me why the md5() function is not working?
Edited by Tom8001, 28 November 2014 - 07:49 PM. |
|||||||