PHP 8.5.0 Alpha 1 available for testing

    Voting

    : max(one, five)?
    (Example: nine)

    The Note You're Voting On

    carloshlfzanon at gmail dot com
    8 years ago
    This openssl_spki_* funcs are very usefull to use with <keygen/> tag in html5.

    Example:

    <?php
    session_start    ();

    // form submitted... (?)
    if(isset($_POST['security']))
    {
    // If true, the send from <keygen/> is valid and you can
    // test the challenge too
    if(openssl_spki_verify($_POST['security']))
    {
    // Gets challenge string
    $challenge = openssl_spki_export_challenge($_POST['security']);

    // If true... you are not trying to trick it.
    // If user open 2 windows to prevent data lost from a "mistake" or him just press "back" button
    // and re-send last data... you can handle it using something like it.
    if($challenge == $_SESSION['lastForm'])
    {
    echo     'Ok, this one is valid.', '<br><br>';
    }
    else
    {
    echo     'Nice try... nice try...', '<br><br>';
    }
    }

    }

    // If you open two window, the challenge won't match!
    $_SESSION['lastForm'] = hash('md5', microtime(true));

    ?>

    <!DOCTYPE html>
    <html>
    <body>

    <form action="/https/www.php.net/index.php" method="post">
    Encryption: <keygen name="security" keytype="rsa" challenge="<?php echo $_SESSION['lastForm']; ?>"/>
    <input type="submit">
    </form>

    </body>
    </html>

    << Back to user notes page

    To Top