php form change sha1 password with sed and exec -

-

i'm working on simple password reset form, great deal of here have working. add twist , save reset password in sha1. here code:

#password file $password='something';  <?php  // change password  $rawpassword = (isset($_request["change_pwd"])); $salt = "lgv932q2e9dshufkdjgf927gf8hlo082"; $newpass = sha1($salt . $rawpassword);     $change_pass = exec('sed -i " . escapeshellarg("s/\$password=.*/\$password=\'$newpass\'/g")." include/conf.php');    echo "$change_pass";  ?>  <form method="get" action="<?php echo $_server['php_self']; ?>">     <input type="text" name="change_pwd" maxlength="41">     <input type="submit" name="submit" value="submit" /> </form>

when submit new password, doesn't change sha1 password correctly in file. instead every time password value gets changed to:

$password='356a192b7913b04c54574d18c28d46e6395428ab';

update: salted password , i'm still getting same result. (i'm wondering if there better way other using exec sed?)

okay have taken closer , found couple things consideration.

first thing use post form method , capture data in $_post array in php. appear have variable outside of php tags, output raw text browser in context in.

salting thing , making passwords harder crack. optionally (and recommended) generate random salts , attach them passwords added strength, among other benefits. remember include salt in future when hashing password again during authentication.

the following code should work @ generating new password hash, regardless if using same password.

<?php  // change password if(isset($_post["change_pwd"])) {     $rawpassword = $_post["change_pwd"];      $salt = sha1(microtime()."lgv932q2e9dshufkdjgf927gf8hlo082");     $newpass = sha1($salt . $rawpassword).$salt; }    $change_pass = exec('sed -i ' . escapeshellarg("s/\$password=.*/\$password=\'$newpass\'/g"). ' include/conf.php');   //also helpful note php halts execution until command in exec() completes    echo "$newpass";  ?>  <form method="post" action="<?php echo $_server['php_self']; ?>">     <input type="text" name="change_pwd" maxlength="41">     <input type="submit" name="submit" value="submit" /> </form>

hope helps out!


Comments

Post a Comment

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

-
this svg contains rect overflows svg element: <svg id='svg' width='10' height='10'> <rect x='-10' y='-10' width='30' height='30'/> </svg> chrome 28 , opera 12 return getboundingclientrect() svg element width , height of 10. firefox 23 reports width , height of 30. correct? jsfiddle the relevant spec cssom , delegates svg spec if svg element not "have associated css layout box". haven't found definition of "having associated css layout box", correct result seem hinge on definition, getbbox returns 30x30 rect in browsers. this firefox bug fixed now, fix in firefox nightlies , should make through firefox 33 released on 14 october 2014. see bug 530985 details.
Read more

gcc - Calling fftR4() in c from assembly -

-
i trying asm fft implementation www.embeddedsignals.com work. running make gives error: undefined reference fftr4(short*, short*, int) at top of asm have .syntax unified .thumb .global fftr4 .type fftr4, %function and there #define's associate c functions arguments registers followed macros fftr4 function uses. after that, fftr4 called .thumb_func fftr4: stmfd sp!, {r4-r11, lr} mov tmp0, #0 // bit reversed counter mov tmp1, #0 .word 0xf3a2fa92 //rbit r3,r2 //rbit r,n lsl r,#3 and c code follows: void fftr4(short *y, short *x, int n); short x[512]; short y[512]; int i; void loop() { (i=0;i<512;i++) x[i]=0; (i=0;i<512;i=i+8) { x[i+0]=16384; x[i+2]=16384; x[i+4]=-16384; x[i+6]=-16384;} fftr4(y, x, 256); serialusb.println(y[128]); serialusb.println(y[129]); serialusb.println(y[384]); serialusb.println(y[385]); // expected results: //y[128]is 8191; y[129] -8190 y[
Read more

Function that returns a formatted array in VBA -

-
i have function prints excel data text file in array format following: [ ['id', 'label', 'longitude', 'latitude', 'country', 'region', 'ttl_wt_flw_thru', 'sum-of-bol-wt', 'count of wdr_ref', 'ratio'], ['aeauh', 'abu dhabi, united arab emirates', 54.3666667, 24.4666667, 'ae', 'eame', 66, 30, 8432, 281.066666666667], ['aedxb', 'dubai, united arab emirates', 55.307485, 25.271139, 'ae', 'eame', 682, 3, 8369, 2789.66666666667] ] my code writing array is: function fillsourcearray() dim long, j long, s string dim lastrow double dim s1 string 'opens file filepath = filepath & "dataarray" & ".txt" open filepath output #1 'read source data dataarray = sheets("nodes").cells(1).currentregion.value 'determine lastrow lastrow = sheets("nodes").range
Read more