Hi, Thanks to everyone for help on this matter. Combined with some SQL insert statements and loops, it works great. Now to get the numbers to a printer...
As usual, this list ROCKS!!!! @lvin At 03:23 PM 5/14/02, Miguel Cruz wrote: >On Tue, 14 May 2002, Alvin Tan wrote: > > This is not really a PHP question, but seeing that the final application > > will be in PHP, I figured this'll be the best place to start. > > > > I have a client who wants to release a unique PIN for each product they > > sell which works as a key to get more goodies on the website. How/where > > can I get a large number of PINs, much like a software key (e.g. > > 3HH5R-E59VB-7SX99 or similar)? > >The easiest is probably something like this... > >Generating PINs: > > $randnum = strval(rand(10000000, 99999999)); > $secretword = 'purple%chicken^'; > $hash = md5($randnum . $secretword); > $PIN = substr($randnum, 0, 4) > . substr($hash, 0, 2) . '-' > . substr($hash, 2, 6) . '-' > . substr($hash, 8, 2) > . substr($randnum, 4); > >This will generate PINs in a format like 8087a5-6b09eb-a65859. > >Verifying PINs: > > $PIN = str_replace('-', '', $PIN); > $secretword = 'purple%chicken^'; > $randnum = substr($PIN, 0, 4) . substr($PIN, 14, 4); > $hash = substr($PIN, 4, 10); > if (substr(md5($randnum . $secretword), 0, 10) == $hash) > print "PIN is valid"; > else > print "PIN invalid"; > >As long as you can keep the secret word ($secretword) confidential, this >will let you generate an infinite supply (okay, several million anyway) of >PINs that can be validated with the simple code above, yet which are >very difficult to fake. > >Obviously, if you need to locate the validation code on someone else's >machine, this is not a good approach. And, like most things, it is >susceptible to brute-force attacks unless you put in something to throttle >repeated attempts at guessing PINs. > >miguel > > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php