|
PHP - Recommended Sql Datatype For Bcrypt Hash
http://php.net/manua...ssword-hash.php shows a simple example to hash a password using BCRYPT. I've read different posts recommending CHAR(60), BINARY(60), BINARY, and even BINARY(40).
What are the pros and cons of using one datatype over another?
<?php
/**
* In this case, we want to increase the default cost for BCRYPT to 12.
* Note that we also switched to BCRYPT, which will always be 60 characters.
*/
$options = [
'cost' => 12,
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options)."\n";
?>
Similar TutorialsIs bycrypt worth using for login/register scripts (ie; hasing passwords)? It seems super secure, but how much will it slow down my server? Does anyone have experience using bcrypt in their login scripts? Hi every one, Here is the problem.. I have a string which looks like this '(243/433)*100' , i want to calculate its value, but dont know how to do. if i use type conversion then value becomes zero. Please help. if($_POST['Submit']=="Check"){ $issueid=(int)$_POST['issueid']; $returndate=mysql_real_escape_string($_POST['returndate']); list($temp)= mysql_fetch_row(mysql_query("select issueid FROM issue where issueid='$issueid'")); if($temp!=NULL){ $insert_query="insert into returning values($issueid,'$returndate')"; $result=mysql_query($insert_query,$linkID1); if($result){ list($bookid,$account,$issuedate,$duedate)= mysql_fetch_row(mysql_query("select bookid,account,issuedate,duedate FROM issue where issueid='$issueid'")); list($title,$name,$fine)= mysql_fetch_row(mysql_query("select title,name,fine FROM book,user where bookid='$bookid' AND acc='$account'")); $insert_book="update book set copies=copies+1 where bookid='$bookid'"; $result=mysql_query($update_book,$linkID1); Quote i want to take difference of $duedate and $returndate and store it to another variable checks that variable for number of days in it I was wondering just a general question here. I am just going through a text book on the main aspects of a problem solving approach to PHP, but when I was just trying out one of my own theories on this particular one of my own: <html> <body> <h1>User Input set as functions</h1> <tt>Please enter a value below:</tt> <br> <form id="userInput" name="userInput" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get"> <input type="text" id="input" name="input" value="" /> <input type="submit" value="Send This" /> </form> <?php function mistake($errorvalue) { echo $errorvalue; } function getValue($userInput) { return $userInput; } if(!isset($_GET['input']) || $_GET['input'] == '') { mistake("No value received yet!"); // calls the error function } else { $input = $_GET['input']; echo "You did enter something, this was: "; $userInput = getValue($input); echo "$userInput"; } ?> </body> </html> I am quite impressed with what I have done there, though I know its nothing special and could obviously be done not using functions at all, just wanted to see if I could get one that returns something, in this case the 'getValue()' function. But when I've set it to work out what type of variable ie gettype is it? (going off completely memory here), its always a string, even if all I do is enter a 1, even tried not using the GET method for the form and used the POST one instead it still says that a single integer is a string. Why just out of question is it doing this? Just quite interested thats all. Thanks for your time and I look forward to any replies, Jeremy. Im getting a warning with in_array.I have used if() inside for loop to check if value has already been printed or not. If not it will print and save the value in $done[].Can someone please point me out my mistake that i am getting a warning. Code: [Select] <?php for($i=0;$i<=$count;$i++) { $count_final = explode("_", $result[$i]); if (in_array($count_final[0],$done)) { //Line 480 echo "<tr>"; echo"<td>$count_final[0]</td>"; $templ = $count_final[0]."_left"; $tempr = $count_final[0]."_right"; $cleft = $count_middle[$templ]; $cright = $count_middle[$tempr]; echo"<td>$cright</td>"; echo"<td>$cleft</td>"; echo "</tr>"; $done[] = $count_final[0]; } } ?> Code: [Select] Warning: in_array() [function.in-array]: Wrong datatype for second argument in C:\Users\\Desktop\yyy.php on line 480 Per line 79 of the latest php.ini file (http://git.php.net/?...duction;hb=HEAD), the production php.ini file is recommended for both production and development. Agree?
I would like to know the “typical” recommended changes to this file for both production and development. My requirements should be assumed typical with the following qualifications:
Installed using yum on Centos
Apache/2.2.15
MySQL (PDO)
Either a physical machine or VPS (not a shared host)
Primary US market
Hopefully, this provides enough description, and if you still feel it totally depends on each individual’s unique needs, please let that remain unsaid.
Below is my initial assessment:
Line 445: Change error_reporting to E_ALL for development only.
Line 462: Change display_error to On for development only.
Line 473: Change display_startup_error to On for development only.
Line 568: Leave error_log blank so they go to the SAPI Error Logger (what does this mean?)
Line 656: Change post_max_size if specifically needed for the application. Ideally, this would be changes in a particular script, however, I don’t think this is possible.
Line 676: Should default_charset remain at “UTF-8”?
Line 799: Change upload_max_filesize if specifically needed for the application. Ideally, this would be changes in a particular script, however, I don’t think this is possible.
Any other recommended changes?
Thank you
have a database with a column of datatype EM (multiple selection, say apples, oranges, grapes) I want to have a form with checkboxes for those values (apples, oranges, grapes etc) so one can select a breakfast basket type that contains for example, oranges and grapes. It would pull from the database those baskets with those selection of fruits (specified in the column 'Fruits', which is a EM datatype column. (I have a multiple selection when entering the values for the column.) Can it be done? Should I make another table with FruitNames? Hello I'm using tcpdf to convert some stuff to pdf. On my local computer running wamp my script works perfect and the pdf is generated without problems When i put my files in a webserver i got this error: Warning: in_array() [function.in-array]: Wrong datatype for second argument in /home/vieira/public_html/topdf/dbcon.class.php on line 68 Line 68 is: if(in_array($key,$arr_switches)){ //check switches My complete code is: // Get fields of enum on/off switches type $result2 = mysql_query("SHOW FIELDS FROM $db_name.$table"); $counter=0; while($row = @mysql_fetch_array($result2)){ //echo $row['Field'] . ' ' . $row['Type']."<br/>"; if($row['Type'] === "enum('on','off')"){ $arr_switches[$counter] = $row['Field']; $counter++; } } //print"<pre>"; print_r($arr_switches); print"</pre>";exit; $counter = 0; while($row = @mysql_fetch_array($result)){ foreach( $row as $key => $val ){ if(!is_numeric($key)) { $row_rs_certidao[$key] = $val; if(in_array($key,$arr_switches)){ //check switches $record_key[$counter] = htmlentities('<?php if (!(strcmp($row_rs_certidao['."'".$key."'".'],"on"))) {echo "x";} ?>'); if($val==='on') $record_val[$counter] = "x"; //turn on switches else $record_val[$counter] = ''; //turn off }else{ $record_key[$counter] = htmlentities('<?php echo $row_rs_certidao['."'".$key."'".']; ?>'); $record_val[$counter] = htmlentities($val); } $counter++; } } } Anyone can help? Hey, I have always wondered if there is a correct way of displaying variables inside html. Typically I would echo each variable inside php tags when displaying outside of a loop but what would you recommend for a while loop while more than say 5 variables to display? Code: [Select] echo "<tr><td>".$var1."</td></tr>"; OR Code: [Select] <tr><td><?php echo $var1; ?></td></tr> I look at my phpinfo() output, and it has ISO-8859-1 and ISO-8859-15 all over it. UTF is not listed once.
Furthermore, mb_internal_encoding() displays it as ISO-8859-1.
For the most part, I stick to the default settings unless I have a specific reason to change.
Should I be changing php.ini to use UTF-8? If so, any specific advice how to do so? This whole encoding issue has been causing me major grief today
For PHP 7.4, what is the recommended session length that I should be using to have the best security? In DEV< in my php.ini file, session.sid_length = 26 According to the comments above that, it sounds like you can go up to 256. Is it fair to assume that larger is more secure? Also, if I set it to a larger size like 256, is tehre any risk of breaking things on my (VPS) web server running WHM/cPanel? I typically structure my applications something like the following. I lump general functionality into a given component. For instance, I might have com_users component which deals with user administration, and implements the ability to view a list of users, view a given user, delete a user, edit a user, etc. This structure was borrowed long ago from my learning PHP Joomla days which I no longer use. index.php figures out which component is being accessed, evokes the controller which gets data from the model and sends the data to the view. The view defined in each component only deals with the central content, and mainTemplate.php deals with the peripheral. First question. Is there anything inherently wrong with this approach? Second question. I am looking to start using Twig. Would this same structure work? I would replace /var/www/html/lib/templates/mainTemplate.php with a Twig file, and replace var/www/components/component1/views/view-1-1.php, etc with Twig files which extends the main Twig template. /var/www/components/component1/controllers/controller-1-1.php /var/www/components/component1/controllers/controller-1-2.php /var/www/components/component1/models/model-1-1.php /var/www/components/component1/views/view-1-1.php /var/www/components/component2/etc/etc /var/www/html/lib/templates/mainTemplate.php /var/www/html/lib/templates/mainCSS.css /var/www/html/lib/js/someJSforAllComponents.js /var/www/html/lib/components/component1/js/someJSForComponent1.js /var/www/html/index.php This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=326872.0 Hey PHPFreaks! I'm designing an online application using OOP. This is by no means my first application, but it is using Object Oriented techniques, so I come to you helpful folks with a question.Essentially, I would like to be able to find out about recommended ways to approach page templates in a class design, as well as other general good class design practices specific to server-side languages. So, without further ado, what is considered a good/recommended method of approaching template design using OOP? For example, a base template class which can be extended for multiple themes, so additional themes don't have to recreate the core functionality if they decide not to change it. It seems that there are a lot of methods to approach it, which is why I'm here! Any help you can provide would be greatly appreciated! Guys, Having a major headache here. I need to send an enquiry using jquery and php. The user can only send an enquiry if they are logged in - so it's a one click process. On the click (which is an <a> tag) the user's data is retrieved from the database and sent to the company they are enquiring about. When the link is clicked, a jquery popup is shown to notify the user that the enquiry has been sent. This all works. However, currently the enquiry is sent when the page loads and this is what I'm having trouble with. Code: [Select] <a href="#e" onclick="openinfobox('Enquiry Sent', 1)" class="enq"></a>What I want to do is say if the URL contains #e, then send the enquiry, otherwise do nothing. I understand that the # portion of the url cannot be referenced by PHP. How on earth can I run php process to say only run this php process if there is a # in the url? Is a hash array the same thing as an associative array? My PHP books make no reference to this, yet I have seen the term referred to. Thanks. Are there any PHP hashes that are extremely secure and that CANNOT be reverse-engineered?
I have a section on my website where the url points to www.example.com/some_page#some_element #some_element is used by javascript to load the element in question into the parent element. However i need pagination done on this loaded element. How should i go about it? would it work? obv i cant use www.example.com/some_page#some_element/page/2. Any tips or advice? Hi,
Recently I've been trying writing a safe password hash and I wanted to know that if I use an MD5 hash at the end, just so it will be like some short of "packed",so instead of saving a 128 string, I'll use md5 to "pack" it into 32 characters and save up to 96 characters.
I know MD5 isn't safe and all, but the question is, does it lower the security ?
Also, would be happy for feedbacks about my password hash
function hash_($input,$key) {
$op=hash("whirlpool",hash("sha512",$key) . "$" . $input . "$" . hash("sha512",$key));What is the difference between the hash algo "tiger192,3" and "tiger192,4"? I ran fsum/HashCalc to get a TIGER hash from a string and it is different with either "tiger192,3" or "tiger192,4". I also tried using the hash as hex string input to rehash 3 or 4 times, but still cannot get an equivalent to that of "tiger192,3" or "tiger192,4"... |
|||||||