Hi everyone I was wondering what could be possible to randomize this code even further :
<?php
$key=md5('ILOVEYOU');
$serverseed = floor(time() / 5);
srand($serverseed);
$result = rand();
$modulus_result= $result % 100;
echo "before: ".$modulus_result."<br>";
echo "after: ".encrypt($modulus_result, $key)."<br>";
echo decrypt($modulus_result, $key);
function decrypt($string, $key){
$string = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($string), MCRYPT_MODE_ECB));
return $string;
}
function encrypt($string, $key){
$string = rtrim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_ECB)));
return $string;
}
?>
Ok for everyone that stumbled upon this thread and missunderstood the topic, I'm not using this function to protect ANYTHING inside my website, I'm just looking ways to randomize this function as it uses time() as a reference...
I need to generate a random int from 1-100, that seems to work, I'm just looking for other ways to randomize it( if I could explain a bit more, adding some sort of "salt" not encryption of any sort.)
Check the documentation:
This function does not generate cryptographically secure values, and
should not be used for cryptographic purposes. If you need a
cryptographically secure value, consider using random_int(),
random_bytes(), or openssl_random_pseudo_bytes() instead.
You might want to use random_int instead.
The problem with that is that was introduced with PHP 7 so you might not be able to use it. In this case, you can get it here, as mentioned in the documentation.
Related
I mean if we give 3, b as parameters passed into function, it should return "bbb" by using loops.
I've tried some code, but I do not want to post it because it might look crazy for a well-versed developer. I can provide you links, this question has been asked in an interview, mainly they want it to be computed in C or C++. Since I am a PHP practitioner, I am curious to know it is possible in PHP. Below is the link (ROUND 2: SIMPLE CODING(3 hours))
https://www.geeksforgeeks.org/zoho-interview-set-3-campus/
A PHP function to do that would probably look like this:
function string_repeat($num, $string)
{
$result = "";
for ($x = 0; $x < $num; $x++) {
$result .= $string;
}
return $result;
}
So calling echo string_repeat(3, 'b'); would output:
bbb
One way would be to keep around a "dummy" string, of sufficient length to be longer than any string you want to generate. Then, we can use preg_replace to replace each character with whatever the input is. Finally, we can substring that replace string to the desired length.
$dummy = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$length = 3;
$dummy = preg_replace('/./', 'b', $dummy);
$output = substr($dummy, 0, $length);
echo $output;
This prints:
bbb
You could wrap this into a helper function, if you really wanted to do that. Note that internally the regex engine is most likely doing some looping of its own, so we are not really freeing ourselves from looping, just hiding it from the current context.
I was just wondering if it's possible to reverse the string shuffle function in php?
For Example:
$shuffle = str_shuffle("popcorn");
echo $shuffle;
If you refreshed the page 3 times, you might see something like this:
oroppcn
oppncro
opcrnop
etc...
Is there a way to "Scrabble" that back into "popcorn"?
If we are talking about canceling the str_shuffle action, then this is not possible despite the fact that the php documentation says: "This function does not generate cryptographically secure values". Reversing the rand algorithm used in str_shuffle is a non-trivial cryptographic task.
But let's fantasize. Suppose if we have a dictionary, then we can do this:
<?php
$list = array('apple', 'popcorn', 'banana');
$shuffle = str_shuffle("popcorn");
$letters = count_chars($shuffle,1);
foreach ($list as $word) {
if ($letters == count_chars($word,1))
echo "$word\n";
}
DEMO
I am using random.org in my php script to generate random numbers like that:
function getToken($length){
$r = explode('
',file_get_contents('http://www.random.org/integers/?num='.$length.'&min=0&max=9&col=1&base=10&format=plain'));
$string = '';
foreach ( $r as $char ) $string.=$char;
return $string;
}
but my university net denies such queries, so whenewer i test my project using university wifi, i dont get random numbers to be generated, and that means trouble.
So, i before using this function, it needs to be chect if i can query random.org or not like that:
if( site is accessible ) return getToken();
else return false;
what would be the best way to check accesability?
Myself i tried:
file_get_contents();
but it sends warnings,whenewer it fails,
dns_get_record();
but i dont know if i can trust that, if it checks only dns name.
Please help!
P.S. a pinging technique might proove usefull...
You could just run file_get_contents with # to supress errors and simply return when it doesn't give you a random number, resulting in something like:
function getToken($length){
$number = #file_get_contents('http://www.random.org/integers/?num='.$length.'&min=0&max=9&col=1&base=10&format=plain');
if($number === false) return null;
$r = explode('',$number);
$string = '';
foreach ( $r as $char ) $string.=$char;
return $string;
}
That being said, I seriously doubt if you really need to use random.org to generate random numbers. PHP's own pseudo-random generator functions include openssl_random_pseudo_bytes that is said to generate "cryptographically strong" pseudorandom numbers:
http://www.php.net/manual/en/function.openssl-random-pseudo-bytes.php
Friends my php 5.2 codes am keeping my password like this
echo '<br>'.base64_encode(mhash(MHASH_MD5,'test'));
result CY9rzUYh03PK3k6DJie09g==
In php 5.3 mhash extension is obsoleted by Hash like I saw in there documentation. So I tried like this. But its giving wrong result.
echo '<br>'.base64_encode(hash(MD5,'test'));
result MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY=
Please help me to convert my 5.2 mhash codes to 5.3.
Thanks
Actually, they are the same, only in a different format.
The first one is binary data, while the second one is hexadecimal.
You can convert the first one to the second using this function:
$second_hash = bin2hex ($first_hash);
Or the other way around:
$first_hash = hex2bin ($second_hash);
Update
Add this function:
define('HEX2BIN_WS', " \t\n\r");
function hex2bin($hex_string) {
$pos = 0;
$result = '';
while ($pos < strlen($hex_string)) {
if (strpos(HEX2BIN_WS, $hex_string{$pos}) !== FALSE) {
$pos++;
} else {
$code = hexdec(substr($hex_string, $pos, 2));
$pos = $pos + 2;
$result .= chr($code);
}
}
return $result;
}
If you want to update obsolete mhash() method to hash_hmac() method using sha1, simply replace :
mhash(MHASH_SHA1, $data, $key)
into
hash_hmac('sha1', $data,$key,true)
In my context i was faced to old piece of code
base64_encode(mhash(MHASH_SHA1, $data, $key));
which i replaced by
base64_encode(hash_hmac('sha1', $data,$key,true));
I hope it could help.
mhash(MHASH_MD5, 'FOOBAR'); // what you have
pack('H*', hash(MD5, 'FOOBAR')) // what you accepted
pack('H*', md5('FOOBAR')); // ...
md5('FOOBAR', true); // what you could/should have used
I know this question is rather old but today I had the same problem. Based on this post I was able to find a shorter and I guess more performant way which is worth sharing in my opinion.
I wanted to convert an array to lowercase and was wondering the most efficient method. I came up with two options, one using array_walk and one using foreach and wanted to compare them. Is this the best way to compare the two? Is there an even more efficient method that I have overlooked?
<?
$a = array_fill(0, 200000, genRandomString());
$b = array_fill(0, 200000, genRandomString());
$t = microtime(true);
array_walk($a, create_function('&$a', '$a = strtolower($a);'));
echo "array_walk: ".(microtime(true) - $t);
echo "<br />";
$t = microtime(true);
foreach($b as &$source) { $source = strtolower($source); }
echo "foreach: ".(microtime(true) - $t);
function genRandomString($length = 10) {
$characters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$string = '';
for ($p = 0; $p < $length; $p++) {
$string .= $characters[mt_rand(0, strlen($characters)-1)];
}
return $string;
}
The output:
array_walk: 0.52975487709045
foreach: 0.29656505584717
Two questions in one!
How to run the tests:
Personally, I'd write individual test scripts for each method, then use the Apache ab utility to run the tests:
ab -n 100 -c 1 http://localhost/arrayWalkTest.php
ab -n 100 -c 1 http://localhost/foreachTest.php
That gives me a much more detailed set of statistics for comparison
I'd also try to ensure that the two methods were working on identical datasets for each test, not different random data.
The most efficient method:
You should unset($source) after your loop as a safety measure: because you're accessing by reference in the loop, $source will still contain a reference to the last entry in the array and may give you unpredictable results if you reference $source anywhere else in your script.
I had lots of weird results in the past when using the microtime approach over using a dedicated profiler, like it exists in XDebug or Zend_Debugger. Also, for a fair comparison your arrays should be identical instead of two random arrays.
In addition, you could consider using array_map and strtolower:
$a = array_map('strtolower', $a);
which would save you the lambda for array_walk. Anonymous functions created with create_function (unlike PHP 5.3's anonymous functions) are known to be slow and strtolower is a native function, so using it directly should be faster.
I did a quick benchmark and I dont see any relevant speed difference between this approach and your foreach. Like so often, I'd say it's a µ-opt. Of course, you should test that in a real world application if you think it matters. Synthetic benchmarks are fun, but ultimately useless.
On a sidenote, to change the array keys, you can use
array_change_key_case — Changes all keys in an array
I don't know PHP, so this is a wild guess:
str_split(strtolower(implode("", $a)))