Posts by Inkeliz • 20,671 points
671 posts
-
2
votes2
answers551
viewsA: Security Login - PDO
If you really consider "security" this library already has problems by itself and others that can be created by you. Password without null filter (0x00) The use of $hashPasswd =…
-
1
votes2
answers477
viewsA: number of days of the week per month
Another solution is to make an array based on date('W', ...) and increase it, for example: function DiasPorSemana($data) { $tempo = strtotime('first day of this month', strtotime($data)); $limite =…
-
3
votes2
answers649
viewsA: Check the form to see if password entered is easy
First we need to determine what is a strong and weak password, this is the most obvious start. There are several types of implementations, here you can see an example comparing three different…
-
1
votes4
answers1938
viewsA: Show age in years in php
One way to check the age is to subtract the current date by the other date, assuming the date is in a correct format (mainly in YYYY-MM-DD, but other formats can also be used, such as YYYYMMDD,…
-
0
votes1
answer149
viewsA: Control output size Curl
PHP, as usual, has no support to the CURLOPT_XFERINFOFUNCTION and not even the CURLOPT_MAXFILESIZE is listed there... One way I see, but not necessarily the best, is to use the…
-
1
votes1
answer99
viewsA: Is using Stratum protocol in PHP possible? Is there any equivalent to Go’s net.Dial`?
I managed to do using socket_*, as follows: $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); $conn = socket_connect($socket, gethostbyname('electrum.hsmiths.com'), '50001'); $comando =…
-
2
votes2
answers466
viewsA: How to make a listbox where I can select more than one value?
You can change the default behavior of it, using only Javascript, without Jquery could do: let elemento_options = document.querySelectorAll('select[multiple] option');…
-
3
votes1
answer99
viewsQ: Is using Stratum protocol in PHP possible? Is there any equivalent to Go’s net.Dial`?
I wanted to use Electrum’s servers, listed here, it uses a protocol called "Stratum", which is documented here, but I don’t even know is the most updated. I can "make it work" using the library tls…
-
1
votes1
answer136
viewsA: Twitter API with CURL
If you really want an array, which by me doesn’t make any sense and seems to me to be one that this issue is an "XY problem". But anyway, just "explode" for each \t. So, supposing it’s in string:…
-
1
votes1
answer430
viewsA: Google Maps API (server-side) limits
I believe that this issue is more legal than programming. Since just reading the terms will find this information. I don’t even know if I should answer and I don’t know if the information here will…
-
2
votes2
answers753
viewsA: Count the amount of months you "Turned" from two dates?
I believe that it would only subtract the month with the other month, in general that: function MesesVirados(string $inicio, string $fim){ return abs($fim['mes'] - $inicio['mes']); } So this…
-
1
votes1
answer239
viewsA: Netscape HTTP Cookie File - Use saved file?
There are four read functions (and one write which is the CURLOPT_COOKIEJAR, officially and a info which is the CURLINFO_COOKIELIST, that informs in the format Set-Cookie, explained below):…
-
1
votes2
answers872
viewsA: Deck of random cards
For general use the @Leandro response can be used. However for being a card game, although predictability is not something so easy... it is still possible, so my comment. Even by law in some cases,…
-
2
votes2
answers131
viewsA: How do I get compound domain names?
It is difficult to create something that works in all cases, I tried to make it as simple as possible, but in several cases it has errors somewhat grotesque. Testing: Alexa’s TOP 30 score:…
-
1
votes3
answers144
viewsA: How to get the name of the site?
The nearest solution for all cases is much more complex than a REGEX. Unfortunately I could not make it more friendly,the final code got a little confused, but I believe I can still understand and I…
-
4
votes3
answers134
viewsA: How not to let the user click more than once on javascript button
Just add the disabled to disable the button, so "find a way" to add the attribute when clicked. One of the options is to simply add in onClick: <button…
-
4
votes2
answers244
viewsA: Check is Curl image
One way is by using the finfo_buffer, for example: if(finfo_buffer(finfo_open(FILEINFO_MIME_TYPE), $conteudo) === 'image/jpeg'){ // O $conteudo é um 'image/jpeg' } I don’t know how secure this is.…
-
3
votes2
answers130
viewsQ: Why can’t all if have Isis?
I’m exploring a little about FPGA and wanted to do something very simple, a button that when clicked would change the status. Ignoring the other problems in logic itself, the fact that caught my…
-
2
votes2
answers1065
viewsA: How to confirm that the request was made through the website securely
There are two points to consider, one of them has solution: I want to prevent another website send request to my website: A website (malicioso.com) is making requisitions to seusite.com, taking…
-
1
votes3
answers228
viewsA: Doubt Warning in Javascript
If there is a button then set the window.onbeforeunload for null when it is clicked, so the alert will not be displayed. It doesn’t make sense to want to do it like isset($_POST[])), this is PHP,…
-
4
votes2
answers545
viewsA: Check string is contained in PHP Array
If "contained" which means "identical" you can use the array_search: $index = array_search('Procurado', array_column($array, 'data'), true); Test this. This will only work if the value of data is…
-
1
votes3
answers499
viewsA: Concatenate Javascript with PHP
Another alternative might be to use printf (or sprintf depending on the case): printf('<button onclick="gravaDados(\'%s\')" class="btn-playpause">Play</button>', $nomeCliente); I don’t…
-
4
votes1
answer678
viewsA: Receive variable value and insert multiple rows into MYSQL
First you can use the explode() to break between the commas: $array = explode(',', '758,749'); This will generate an array containing 758 and 749, separated. Then there are several ways to enter the…
-
2
votes2
answers2065
viewsA: Password_verify does not return the correct one
The password_hash supports Bcrypt and Argon2i (in PHP 7.2). MD5 has never been assigned to passwords. Moreover since 1994 it could already be considered broken, nowadays it is not recommended for…
-
1
votes2
answers97
viewsA: How to get neighboring values at the given offset of an array?
You can use your own array_slice that mentioned or could use a simple for, I think the latter would be easier, could also use next and prev, finally has several options. function selecionar($array,…
-
0
votes1
answer98
viewsA: How to recover the functions of a cloned editor?
I’ve never used Summernote, but I sell basic API documentation there are the following functions to obtain the typed content (in HTML) and there is also how to define a content by inserting inside…
-
1
votes3
answers1170
viewsA: Generate 5 digit combinations
If it is only number could also use, no need for loop (although personally believe that the loop, used in the response of @bfavaretto be better): echo sprintf('%05d', random_int(0, ((10 ** 5) -…
-
8
votes2
answers1302
viewsA: Mask credit card numbering
Another option would be to use substr_replace(), since the string is not multibyte will not be a problem. This will not break/split the string, just insert the asterisks into the defined spaces.…
-
7
votes1
answer610
viewsQ: How does the Meet-in-the-Middle attack work?
I was looking for the old 3DES and decided to search because there is no 2DES, I found little information, even because it did not "exist" in fact 2DES. Although abbreviated also as MITM, it has no…
cryptographyasked Inkeliz 20,671 -
2
votes1
answer72
viewsA: Taking hidden data with the <noscript> tag file_get_contents
There is no "emulate a javascript enabled", except that use some Webdriver, but you do not need to emulate. By quickly analyzing the source code captcha is generated in /sabiweb/captcha-load/, it…
-
4
votes3
answers1201
viewsA: Accented characters are considered as two characters
This depends on the encoding as you yourself noticed. UTF-8, which is the most common, varies from 1 byte (7 useful bits) to 4 bytes (21 useful bits). All ASCII uses only 7 bits, ie the most…
-
4
votes1
answer50
viewsA: I get different results when I convert from Character to Decimal in PHP and Java
This is because the ord() does not support UTF-8, you have two solutions to match the values. A better explanation of what occurs can follow the idea: $hex = unpack('H*', 'á')['1']; // = "\xC3\xA1"…
-
0
votes1
answer25
viewsA: Arquivos Statics
First you need to know why there is performance improvement when using subdominio.site.com. I believe the advantages are: CDN: The static.site.com is on another server, probably a CDN, specific to…
-
13
votes1
answer1745
viewsA: Is PHP Login Safe?
There are several possible attacks with the sessions, I will only consider the standard PHP sessions and with few variations. The PHP session system is very simple, it saves a file in the folder…
-
1
votes2
answers70
viewsA: Remove and insert characters in the same position
Whereas the position is each byte and they may not be together you can use two mb_substr. foreach($arrayPosicao as $index => $posicao){ $stringAtePosicao = mb_substr($stringInicial, 0, $posicao,…
-
5
votes1
answer299
viewsA: Why is it not good to use this function and how do I identify the user’s IP then?
Because you trust the header sent by the client, simple as that. This allows the client to falsify the IP, allowing IP Spoofing. Basically the rule is "Never trust any header" in the same way that…
-
0
votes1
answer368
viewsA: What is a cipher?
I believe that "Cipher" is a very generic term, but it refers to the algorithm used by text encryption and decryption, that is how the plain text will become an ciphertext and how it will be…
-
2
votes3
answers1626
viewsA: Single ID generation with Mysql
If you want it to be unique attribute the UNIQUE in column, this will prevent duplicates, Mysql itself will prevent the insertion of two equal values: ALTER TABLE sua_tabela ADD UNIQUE…
-
4
votes2
answers1874
viewsA: Separate query by month and add the results
First I wouldn’t use float for this type of data. But to add up everything by month/year just use the GROUP BY, for example: SELECT SUM(`depositos`), SUM(`lucro`), SUM(`fornecedor`),…
-
0
votes1
answer303
viewsA: Curl Friendships/create, bad Authentication data
If you monitored the information sent to Twitter then you should have noticed the presence of the headers of authorization, x-csrf-token, x-twitter-active-user and x-twitter-auth-type. All of them…
-
0
votes2
answers160
viewsA: Use IP or LOCATION the user is (or closest to) to send a query
It’s exactly the same as this question. What you want to do is not possible, at least not a mere site. Other than there are security breaches in the code, but I’ll ignore that. For you to use some…
-
0
votes1
answer44
viewsA: Doubt in unescape cryptography
This is not encryption, far from it. For it to be an encryption it should at least have a key, which does not exist. Just seeing the 636f6e746163744069702d6170692e636f6d already says that it is a…
-
0
votes2
answers510
viewsA: How to select data from the previous month and year?
There is another alternative that would use the first day of the month and then get only what is previous, for example using the MAKEDATE(): SELECT SUM(valor_pag) FROM controle WHERE data_paga <…
-
3
votes2
answers385
viewsA: Send blank field to database
Ignoring existing security problems. For me you have four easy alternatives: Set to "DEFAULT" in Mysql. Set in INSERT in PHP. Set text as output in PHP. Set text as output in Mysql. Set DEFAULT in…
-
0
votes2
answers453
viewsA: Ways to use Curl with PHP?
Headers are used so that both parties can understand each other in general, they define what the client supports or expects as a result, among other options, some for security. The first…
-
4
votes5
answers3695
viewsA: Regular expression to find bar
In general, if you want to validate if there are two letters, uppercase, followed by a bar and then only numbers, no specific size you can use: [A-Z]{2}\/[0-9]{1,} This will make it valid for doos…
-
2
votes1
answer401
viewsA: Curl does not request
When using the CURLOPT_COOKIESESSION you force Curl to ignore session cookies, consider "session cookies" as cookies that have no expiration date. When you send the request to /login_check it stores…
-
1
votes1
answer247
viewsA: Ffmpeg and video vs audio time
Assuming you are using via CLI, if the video is shorter than the audio you can simply use: -shortest (output) "Finish encoding when the shortest input stream ends." I believe this is enough, for…
-
1
votes2
answers273
viewsA: Turn decimal into PHP binary
You can also use the ip2long() to convert to decimal. Thus: $decimal = ip2long('255.255.255.0'); Then you can convert from decimal to binary using the decbin and then use the str_pad as using in the…
-
0
votes1
answer143
viewsA: get content Random url inside txt file
This is quite simple to be done, there are N way to do this. First you need to get the files, the list of files you have in the folder, in this case assuming that everything is inside of /pasta/ and…