I'm in the horrible situation where I need a one-page script to hold
it's own password and validate itself. I coded this together, I want
this lists opinion as to whether or not it holds water, considering
the circumstance:
<?php
$sha1_pw="5218lm849l394k1396dip4'2561lq19k967e'30";
if ( $_COOKIE["password"] != sha1($sha1_pw) ) {
$varis=explode("/",$PATH_INFO);
$pre_password=explode("&",$varis[1]);
if ( sha1( substr($pre_password[0],0) ) == $sha1_pw ) {
setcookie("password", sha1($sha1_pw) );
header("Location: ".$_SERVER["SCRIPT_NAME"]."/".rand(999,99999));
exit;
} else {
print "Fvck Off";
exit;
}
}
// REST OF PAGE
?>
The idea is that the user could call the page like this:
http://server.com/directory/page.php/MyPassword
and the page would refresh to not show his password, yet keep him logged in.
Thanks for any and all input.
Dotan Cohen
http://nanir.com
http://what-is-what.com/what_is/html.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
