Posts by Inkeliz • 20,671 points
671 posts
-
2
votes1
answer85
viewsA: Is the PHP password_hash function a wrapper for the crypt function?
This code is unsafe, to use ===. The password_hash also supports Argon2, in the latest versions of PHP, which is not supported by crypt. The crypt also varies from platform to platform, and not all…
-
0
votes2
answers66
viewsA: How to put + of a domain in this code, different references
I believe you have a problem with the @dvd and @Eduardo Bona response, because: https://dominio01.com https://dominio01.com.meusite.com https://meusite.dominio01.com All these are valid for…
-
0
votes2
answers251
viewsA: Python code using HMAC library
Although the reply of @Marcelo Uchimura answers the question, I think it does not answer what the code is for, even mentions that this would be for messages, where it is not a point. HKDF is a KDF…
-
4
votes1
answer86
viewsQ: Why is creating a variable size Slice slower?
Using the make([]byte, tamanho) he has a different behavior when the tamanho is a variable or a constant. Consider the two codes: package Testes import ( "testing" ) func BenchmarkConstante(b…
-
1
votes0
answers31
viewsQ: What is "scoped address zone" in Ipv6?
I was looking at the library of net golang, until I found the Ipaddr guy which is exactly: type IPAddr struct { IP IP Zone string // IPv6 scoped addressing zone } What caught my attention is this…
-
2
votes2
answers271
viewsA: What field do I use to store a timestamp in mysql?
Mysql has a type of TIMESTAMP, which is precisely UNIX TIMESTAMP, as it is mentioned here. Another option is to use INT, since it is an integer as well.…
-
1
votes1
answer146
viewsA: How to accesar map coming from a JSON without creating structs?
I believe that using the interface{} is not ideal. When you use the interface there is no type "associated" to it explicitly, you will always need to use the "type assertions". JSON will be a…
-
0
votes1
answer28
viewsA: PHP - encrypting/ decrypting data
There is no reason to do this, no one does it since the AES is safe. If you do not want to use AES-128 use the AES-256 or AES-192. If you don’t trust AES, especially if you don’t have an…
-
2
votes1
answer2145
viewsA: How does bcrypt work?
The hashPassword includes the salt used. I practically answered this in another matter, but since the question wasn’t specifically about that, then I guess I can answer it here too. The same way…
-
1
votes2
answers318
viewsA: Highlight word in search with php
You can use the str_replace, normally: <?php $buscar = "destacar"; $texto = "Lorem ipsum dolor sit amet, consectetur destacar adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore…
-
1
votes1
answer934
viewsA: Save cookies from one request and use another next Curl
Use the CURLOPT_COOKIEFILE "pointed" to the same file. //... curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__) . '/cookies.txt'); //... The cookies.txt will have cookies written by JAR and will…
-
1
votes3
answers856
views -
2
votes1
answer491
viewsA: How to delete the return of curl_init php?
Use the curl_setopt($post, CURLOPT_RETURNTRANSFER, 1) so that the result of the request is not shown or curl_setopt($ch, CURLOPT_NOBODY, 1) if the body of the answer is insignificant. To find out if…
-
6
votes3
answers4342
viewsA: What is the difference between encryption, encryption and hash calculation?
Coding: The encoding is simply to give a new "meaning" to some byte. UTF-8, for example, is an encoding that converts a byte (or a sequence of bytes) into Unicode characters. Base64 is another…
-
1
votes1
answer233
viewsA: Use same package function with Golang
The go run will only run the file you mention, for example go run main.go. If the code is spread across multiple files it will not be read, which makes the function non-existent. There are some ways…
-
3
votes4
answers28928
viewsA: Calculator in php
It is possible to do this with just one line: echo call_user_func(['+' => 'bcadd', '-' => 'bcsub', '*' => 'bcmul', '/' => 'bcdiv'][$_POST['operacao']] ?? 'bcadd', $_POST['num1'],…
-
2
votes0
answers51
viewsQ: What’s the "P3P" heading for?
I recently found a header with the name P3P, I’ve never seen this before and I don’t know what the real impact is on using this header. I found some information, like this huge documentation, some…
-
4
votes3
answers52
viewsA: Set variable according to number record up to number
You can use a if and a array, for example: if($quantidade >= 4000){ echo $quantidade * 0.03; } elseif ($quantidade >= 100) { echo [1,2,3,4,5,5,5,5][(int)$quantidade/500]; } If the number is…
-
4
votes2
answers107
viewsA: What is the function of this "=&" operator in PHP?
The $x &= $y does the $x and $y point to the same location, as stated in the manual, http://php.net/manual/en/language.references.whatdo.php. The if has nothing to do with that, if is being…
-
6
votes1
answer107
viewsA: Why can’t I store the value '4294967295' in a 4-byte integer?
'Cause he can’t fit in int. The int has both positive and negative numbers. Because of this it goes up to 2147483647, precisely because it goes from -2147483648 to 2147483647. Note that both the…
-
2
votes3
answers5180
viewsA: How to generate random numbers in javascript, differently
Just generate a number from 1 to 111 and then multiply by 5, so you have a result between 1*5 to 111*5. I believe this is the easiest and clearest solution to understand, maybe even quickest. An…
javascriptanswered Inkeliz 20,671 -
0
votes1
answer417
viewsA: Encryption library - Codeigniter
The message gets bigger because it uses AES-CBC and uses HMAC-SHA512. This makes the minimum size 16 bytes + 16 bytes + 64 bytes, in total at least 96 bytes. When encoded for Base64 the "size…
-
0
votes5
answers505
viewsA: Is it possible to listen to multiple buttons with a single addeventlistener() ? If it is possible How to do it with pure javascript?
What you can do is apply the addEventListener in the relative, for example: document.querySelector(".botoes").addEventListener("click", function(e) { if (e.target.value !== undefined &&…
-
0
votes0
answers58
viewsQ: How to apply `visited` to``using javascript?
Imagine I have a CSS: a { color: blue; } a:visited { color: red; } And an HTML: <a href="#">Link</a> Assuming I don’t know what the color is being used, and cannot manipulate browser…
javascriptasked Inkeliz 20,671 -
4
votes1
answer144
viewsA: Encrypting a string with SHA1 does not return the expected value
The cRDtpNCeBiql5KOQsKVyrA0sAiA= is a Base64 of the result of SHA-1. Unfortunately I can’t help you with the exact code. But if you have the byte array from SHA-1, simply encode this result to…
-
3
votes3
answers705
viewsA: Avoid duplicate records in a particular Mysql column
All you have to do is use the UNIQUE, such a form that: ALTER TABLE tabela ADD UNIQUE INDEX(`bidding_price`, `auction_id`); Thus the pair of bidding_price and auction_id are unique, so if it is {0,…
-
3
votes1
answer126
viewsA: Reverse path hash_hmac
No, at least it was designed so you can’t reverse it. However, HMAC is not intended for password, so the only way we have to recover the value can be a little faster. HMAC is a Keyed Hash, it can be…
-
1
votes3
answers592
viewsA: Doubt PHP function - mb_strlen
Summary: THE strlen is unreliable, but using `mb_string(..., '8bit') is not always possible. The question is interesting, because the 8bit not typically common, as stated in the other answers. But I…
-
1
votes1
answer32
viewsA: Selected option
If this is binary (S/N) and the received value is between the two, then you could use the selected, to select an existing value. <option value="S" <?= $dado['enc'] == 'S' ? 'selected' : ''…
-
0
votes2
answers100
viewsQ: How is it still possible to calculate 1<<64-1 without issuing an overflow?
The uint64 limit is (2 64)-1, or simply 1<<64-1. When you try to do something like fmt.Print(uint64(1<<64-1)) it works normally, makes sense once it’s within the limit. However, if the…
-
5
votes4
answers765
viewsA: Numeric sequence loop in PHP
I think a solution would be: $mysql = ['01', '03', '04', '06', '11']; $final = array_fill(0, max(12, max($mysql)), '00'); foreach($mysql as $n){ $final[(int)$n-1] = $n; } var_dump($final); Upshot:…
-
1
votes2
answers334
viewsA: Mysql query with infinite loop
The reason is simple, the $row will never change its state to false, nor 0 and neither null, consequently your loop will become infinite. You’ve probably seen something like this: while( row =…
-
3
votes1
answer76
viewsA: Doubt about Null Byte in Bcrypt PHP
Several PHP functions are (or have been) vulnerable to null bytes, one of the biggest problems was the include(), PHP stopped when finding null, which allowed ignoring the file extension. In the…
-
1
votes1
answer47
viewsA: Limit cookie value to 30
You can use the explode + array_slice and end with a implode. $string = '1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30'; $novoId = 44; $historico =…
-
1
votes2
answers373
viewsA: How to generate a RSA key pair in Windows 10?
JWT supports ECDSA (and I think also Eddsa), which I believe is better than RSA due to its smaller size. But if you want to generate a key you could use Golang himself, he has the following…
-
1
votes1
answer71
viewsA: Assign method to custom types in Golang
You can create a pointer, as follows: func (c *custom) replace(old, new string) *custom { content := string(*c) r := custom(strings.Replace(content, old, new, -1)) return &r } So use it as: func…
-
2
votes2
answers222
viewsA: What are the character types generated by the password_hash() function?
The password_hash() supports two formats, one for Bcrypt and one for Argon2: Bcrypt: "similar" to Modular Crypt Format Argon2: PHC String Format In short, PHP uses, for Bcrypt something very close…
-
3
votes3
answers1821
viewsA: Encrypt/ Decrypt MYSQL/ PHP autoincrement ID
To correct marked response has some errors, in my opinion, that I decided to give another answer. The mt_rand() (and the str_shuffle()) is predictable, a person with access to some answers may be…
-
1
votes1
answer261
viewsA: Cryptocurrencies: What is the difference between SEED, Private/Public Keys, and Address?
The difference depends on the context. Seed: The Seed is simply a long set of uniformly random bytes used to create the keys. It can be displayed in text format, such as Mnemonic Phrase, but this is…
-
-1
votes3
answers227
viewsA: randomly generate for a period of time in php
You can use a key derivation, with a key and the current date (the current week, the current month or the current time), so you will always have the same result with the same key input and the same…
-
5
votes2
answers139
viewsA: Can hashes be different for the same bytes?
What happens is because you are using HMAC. The HMAC is a MAC, not a HASH itself, it is also called "Keyed Hash". Some recent hash algorithms, such as Blake2, have the Keyed Hash feature inside it…
-
3
votes3
answers738
viewsA: How to move Int to Base64 in PHP?
The response of @Valdeir Psr answers the question and solves the problem. However, I had a completely different idea of solving the situation by using bitwise. I thought of simply dividing the value…
-
3
votes2
answers968
viewsA: PHP How to generate a unique ID equal to the GOOGLE shortener
There are some things to consider: It’s interesting that you hide the number? If you have /1, /2, /3 a user can change the value and get previous values. This is very bad in some cases, for example…
-
11
votes3
answers738
viewsQ: How to move Int to Base64 in PHP?
Base64 can store 6 bit at each character used. Assuming we are using int64 or uint64 we use 64 bits, which could be represented in ~11 characters. I tried to answer this question, but PHP fails to…
-
2
votes1
answer49
viewsA: Turning a python function into a PHP function
Well, the code isn’t indented, so I guess it’s: def createSignature(clientId, apiKey, privateKey, nonce): message = str(nonce) + str(clientId) + apiKey signature = hmac.new(privateKey, message,…
-
3
votes1
answer185
viewsA: How to check if the mysql result number is empty?
Simple, the num_rows is inside the while, your code doesn’t make sense. What the code is doing is... As long as there are lines (while ($reg = mysqli_fetch_array($result1))): If there are lines…
-
3
votes1
answer3356
viewsA: PHP Storm, identation
You can change this in: "File" > "Settings" > "Code Style" > "PHP" > "Wrapping and Braces" You will have the following field: While you are "Next line" it will skip the line, if you are…
-
1
votes2
answers381
viewsA: Optimization, speed in select, and PHP code
This can have several reasons, including the very way that organized the database or even the hardware. Running a test, in a table containing 239289977 lines and more than 46GB, the SELECT * FROM…
-
2
votes4
answers1768
viewsA: How to generate a serial key that contains a prefix in the first 5 characters?
I believe you should use random_bytes or random_int instead of rand(). The difference is that the random_* will use the CSRPNG present in the operating system, which is more secure than LGC or…
-
17
votes9
answers31327
viewsA: How to hash passwords safely?
If possible use the Argon2, he was the winner of PHC, has more adjustment options compared to PBKDF and Bcrypt. He can you adjust: Iterations: time cost, more operations will be done. Memory: memory…