PHP - Time Waste? Encrypt Mysql With Openssl?

Hi i have php script which i have been running on on my web server which is dreamhost which is working fine...

but here's  the twist i have just set-up a xampp server apache 2.2 on my windows 7 machine my website is running fine expect for the openssl encrypt script which is filing to encrypt

here's a sample of my code.

$MY_KEY_FILE = "c:\\xampp\\apache\\bin\\my-prvkey.pem";

# public certificate file to use
$MY_CERT_FILE = "c:\\xampp\\apache\\bin\\my-pubcert.pem";

# Paypal's public certificate
$PAYPAL_CERT_FILE = "c:\\xampp\\apache\\bin\\paypal_cert_pem.txt";

# path to the openssl binary
$OPENSSL = "c:\\xampp\\apache\\bin\\openssl.exe";
 


$form = array('cmd' => '_xclick',
        'business' => 'removed business name for security ',
        'cert_id' => 'removed cert id for security',
        'lc' => 'AU',
        'custom' => ''.$id.'',
        'invoice' => removed business name for security',
        'currency_code' => 'AUD',
        'no_shipping' => '1',
        'item_name' => 'removed business name for security',
        'item_number' => '1',
   'amount' => $total
   );


   $encrypted = paypal_encrypt($form);


function paypal_encrypt($hash)
{
   //Sample PayPal Button Encryption: Copyright 2006-2010 StellarWebSolutions.com
   //Not for resale - license agreement at
   //http://www.stellarwebsolutions.com/en/eula.php
   global $MY_KEY_FILE;
   global $MY_CERT_FILE;
   global $PAYPAL_CERT_FILE;
   global $OPENSSL;


   if (!file_exists($MY_KEY_FILE)) {
      echo "ERROR: MY_KEY_FILE $MY_KEY_FILE not found\n";
   }
   if (!file_exists($MY_CERT_FILE)) {
      echo "ERROR: MY_CERT_FILE $MY_CERT_FILE not found\n";
   }
   if (!file_exists($PAYPAL_CERT_FILE)) {
      echo "ERROR: PAYPAL_CERT_FILE $PAYPAL_CERT_FILE not found\n";
   }


   //Assign Build Notation for PayPal Support
   $hash['bn']= 'StellarWebSolutions.PHP_EWP2';

   $data = "";
   foreach ($hash as $key => $value) {
      if ($value != "") {
         //echo "Adding to blob: $key=$value\n";
         $data .= "$key=$value\n";
      }
   }
// here's where i believe the problem is when creating and signing the my_cert_file i had to specify where the openssl.cnf file was do i need to do same here..
-config c:\\xampp\\apache\\bin\\openssl.cnf


   $openssl_cmd = "($OPENSSL smime -sign -signer $MY_CERT_FILE -inkey $MY_KEY_FILE " .
                  "-outform der -nodetach -binary <<_EOF_\n$data\n_EOF_\n) | " .
                  "$OPENSSL smime -encrypt -des3 -binary -outform pem $PAYPAL_CERT_FILE";

   exec($openssl_cmd, $output, $error);

   if (!$error) {
      return implode("\n",$output);
   } else {
      return "ERROR: encryption failed";

      
   }
   echo $output;

};

 

Hi

I develop a system using OPenSSL for Rijndael-256 (RSA-256) encryption. It works weel on an Apache server with PHP 5.3.2 on Windows and on a Linux server.
But, on a Mac, I experience a weird problem.
When I send a block to be decrypted, it works some times, and, without any reason, it stops and stays blocked for a while. And suddenly, it works again.
When it crashes, I have the error message :

Code: [Select]
Wrong request for connection error:0906D06C:PEM routines:PEM_read_bio:no start line
I searched on Google and couldn't really find any solution. I read it seemed to be related to the keys format.
The public key used for encryption is like :
Code: [Select]
-----BEGIN PUBLIC KEY-----
...
-----END PUBLIC KEY-----

And the private is like :
Code: [Select]
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

Has anybody met that problem before and/or know where it comes from and how to fix it ?

Thanks

Hello guys, i need to create a code for making connections with SSL servers (particularly SMTPS and POP3S) and i know about the existence of OpenSSL extension.

However, i'm in doubt about a basic issue:

1. Is this extension useful for creating SSL clients or SSL servers?

I'm not a SSL expert, so maybe i'm misunderstanding something; i hope you can help me.

Kind regards.

I am trying to use SSH2 functions in PHP and I read the documentation for each LIBSSH2, OpenSSL and PECL SSH2 and I can't figure out how to install any of them on the Windows Server X64 box. Does anyone know how to do this?

http://www.php.net/manual/en/ssh2.requirements.php
http://pecl.php.net/package/ssh2
http://www.openssl.org/
http://www.libssh2.org/

Thanks,
sanchez

Hi

I allow users to log in, they are redirected to a page and in the url their account ID is carried e.g. accountid=2.  Obviously they could alter the number and potentially see other members details.  What is the best way to hide this information?


Thanks

Hi guys.

I want to make two records.

1)Current time and date.
2)Time and date after 20 seconds.

Now i have this piece of code:
Code: [Select]
<?php
$hr  = 0;
$min = 0;
$sec = 11;

echo $date = date("Y-m-d H:i:s");echo "\n";
echo $modified = time() + (0 * 0 * 0 * 20);

?>

I think there is something wrong with this line:
Code: [Select]
<?php
echo $modified = time() + (0 * 0 * 0 * 20);1
?>I get something like this: 1324668576.

You can check this http://kingstonuni.atspace.co.uk/RPG/muziejus.php link to get a better view.

Any help would be appreciated. Thank you.

Hi, for my php program running in command line (windows cmd), the user must login first, so my ques is how can they enter the password as *****
when they are typing for example?

all help appreciated.

Hi all
I wonder if somebody could give me some guidance on this.

I manage a website programmed in PHP and having MySQL backend. Recently some of my clients raised concerns about the security of their data. It is not credit card information or so, however I would like to sort it out.

I have a button on the web site which the clients click to tell me that their data should now be analysed and a report sent to them. My php program pulls out the records for this particular user and writes them into an excel file on my web space(on a shared hosting). The same php program then attaches this excel file to an email and sent it to me.

I want to make sure that this data in the excel file is securely transmitted during the above process.

Any help would be much appreciated.

Carol

Is there an alternative way to encode url params besides:
base64_encode()

examples would be great.

Hi, I want to send a URL to a user with their name in it: index.php?user=tom

how can I encrypt this name so that I can track what they do but if I was hacked nobody else could determine who the user was?

Thanks

Hey guys, im having a slight issue with comparing mysql time stamp.
I'm using the timestamp in mysql to show how many people are online with in 5 minutes.

$sql = mysql_query("SELECT name,id FROM users WHERE DATE_SUB(NOW(),
INTERVAL 5 MINUTE) <= last_active ORDER BY id ASC"); 

But I want to grab last_active from the data base and compare it like below.  I dont know if strtotime just doesnt compare with mysql time stamp or what?

if($last_active > strtotime('-5 minutes')) {

echo "<td>Online</td>";
}else{
echo "<td>Offline</td>";

} 

hello guys.

i sitting here at my pc , have used alot days on google and forums.
but i just cant seem to find what i am looking for

so i hope that anyone here got a min to tell me what to do 

okai soo what i am looking for is a php / mysql script that can countdown for a user , when its finish add a number ( to usertabel[2].
and the problem is it need to do it also if the user closes the browser.

i am total lost , have no ide to fix / wihte it
 



Sorry for my spelling i am danish 

Hello guys. I am creating a PHP/mySQL based RPG. I have implemented training feature in it. So i want to make training possible every 15 minutes or so. Can you give me an advice how to achieve that? Thank you!

I need to write a bit of code to select some mp3's (actually, just the titles) from a database...but I need to select them based on last play (which is a timestamp field in the DB) AND I need to select 14 minutes worth of them (and not more than 15 minutes).  I currently do NOT know how long each song is...

So, if every song was 2 minutes long, I would need 7 songs.  If each song was 3 minutes long, I'd need to select 5 of them.

I currently do NOT have a length field in the db (the boss sprung this on me after I designed the DB).  A few questions:

Would it be best to have a column of TIME (mysql time...not the name of the column)? 

Would it be best to have a column for the raw size of the file (each file is the same bitrate, so I could do the math - plus it would be probably be easier to import raw filesize using php into the db)

Would it be easier to do something else?

Once we answer that, I'll start with some code...and probably be back for help!

hey, here is the code I am using.

Code: [Select]
mysql_connect("localhost","XXXXXX","XXXXXX") or die("Could not connect.");
mysql_select_db("XXXXXX");

$query="SELECT * FROM VIDEO_SESSIONS";
$result=mysql_query($query);

while ($db_field = mysql_fetch_assoc($result)) {
$timeslider = $db_field['timeslider'];
}

$message=$_POST['message'];

$name=$me['first_name'];

if(isset($_POST['submit'])){

    if(strlen($message)<1)

   {
      print "You did not input a message";
   }

   else if(strlen($name)<1)

   {
      print "Please login with Facebook to post a message";
   }

 
      else

      {


         $insertmessage="INSERT INTO CHAT_SESSIONS
(user_id,user_message,current_time)
VALUES
('$name', '$message', '$timeslider')";
         mysql_query($insertmessage);
         echo mysql_error();


      }

   }


?>
I am getting this error everytime I try and INSERT into the database

" You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'current_time) VALUES ('Luke', 'Hello?', '00:23:00')' at line 2 "

it works fine without the '$timeslider' which is a time stored on the database in the format 00:00:00
why does it not want to store the time back in a different table.. same format!?