Re: [PHP] PGP 5 start up issue
On Fri, November 4, 2005 8:46 pm, Vizion wrote: php 5 on windows xp with apache 2 and mysql 5. Php start up unable to load dynamic library: E:\php\ext\php_bz2.dll with error 'The specified module could not be found' same for and php_yaz.dll I have php5ts.dll in both E:\php\ and E:\php\ext I had a similar problem for php_mcrypt which was solved by installing libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the problems with these two. I tried copying versions of yaz.dll and php_yaz.dll from http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 because those versions seemed to be looking for php4ts.dll rather than php5ts.dll so I seemed to have got stumped. For sure, you CANNOT mix-n-match the DLLs from PHP4 and PHP5. You can't even reliably mix-n-match 4.1.x and 4.1.y, really, I don't think. It *might* work, but I doubt it would be truly stable long-term, as sooner or later you'll use that one function that CHANGED between x and y, and Boom! That said, start with http://php.net/phpinfo and see where PHP thinks your php.ini file should be. Put your php.ini file there. Then, in that php.ini file, look for the extensions_dir setting, and see where it expects your extensions to be. Then put all your PHP5 DLLs there. Only include the DLLs that came bundled with your PHP5 zip, at least to start. You *might* be able to find PHP DLLs that were compiled with that EXACT SAME version of PHP for the libraries you want. But under no circumstances should you try DLLs compiled for other versions. If you're lukcy it won't work at all. If you're unlucky, it will SEEM to work, and you'll go on with life, until... see Boom! above. You may want to try the PHP-Windows list to locate specific DLLs for your PHP version. Good Luck! PS In theory, if you own MSVC++ 7 (8? 9?) you could snag PHP source and compile all the DLLs you need... I tried that once, and couldn't get past finding the compile button in the IDE, which promptly caused the IDE to puke un-intelligible error messages at me... I thrashed and flailed and Googled [*] for days and got nothing useful. I was doing this because the (there was only one then) PHP Windows guy was too busy to compile PHP for Windows and PHP 3.?.? had just come out and somebody else needed it... Some other person got the job done, fortunately. I never did get MSVC++ to do anything useful... * Can you call it Googling when you did it using search engines that pre-date Google because Google didn't exist?... :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP 5 start up issue
I don't mean the php.ini file, I mean the extension directive setting in php.ini
Re: [PHP] PGP 5 start up issue
On Sunday 06 November 2005 12:14, the author Unknown Unknown contributed to the dialogue on- Re: [PHP] PGP 5 start up issue: I don't mean the php.ini file, I mean the extension directive setting in php.ini Yep I thought that was what you meant -- it is not the cause.. I should have posted that I found a solution which was to use the pear functions dor those extensions. It seems, for some reason, that the extensions do not work on php5 but the pear equivalents do.. at least for me. david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP 5 start up issue
On 11/4/05, Vizion [EMAIL PROTECTED] wrote: php 5 on windows xp with apache 2 and mysql 5. Php start up unable to load dynamic library: E:\php\ext\php_bz2.dll with error 'The specified module could not be found' same for and php_yaz.dll I have php5ts.dll in both E:\php\ and E:\php\ext I had a similar problem for php_mcrypt which was solved by installing libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the problems with these two. I tried copying versions of yaz.dll and php_yaz.dll from http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 because those versions seemed to be looking for php4ts.dll rather than php5ts.dll so I seemed to have got stumped. Can anyone help out? Thanks in advance david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php i recommend you change php.ini and make the extensions folder e:\php\ or whatever you use, it would probably fix the problem
Re: [PHP] PGP 5 start up issue
On 11/5/05, Unknown Unknown [EMAIL PROTECTED] wrote: On 11/4/05, Vizion [EMAIL PROTECTED] wrote: php 5 on windows xp with apache 2 and mysql 5. Php start up unable to load dynamic library: E:\php\ext\php_bz2.dll with error 'The specified module could not be found' same for and php_yaz.dll I have php5ts.dll in both E:\php\ and E:\php\ext I had a similar problem for php_mcrypt which was solved by installing libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the problems with these two. I tried copying versions of yaz.dll and php_yaz.dll from http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 because those versions seemed to be looking for php4ts.dll rather than php5ts.dll so I seemed to have got stumped. Can anyone help out? Thanks in advance david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php i recommend you change php.ini and make the extensions folder e:\php\ or whatever you use, it would probably fix the problem oh and also check spelling and if windows has read/write/execute permissions make sure there is proper persmissions
Re: [PHP] PGP 5 start up issue
On Saturday 05 November 2005 08:58, the author Unknown Unknown contributed to the dialogue on- Re: [PHP] PGP 5 start up issue: On 11/5/05, Unknown Unknown [EMAIL PROTECTED] wrote: On 11/4/05, Vizion [EMAIL PROTECTED] wrote: php 5 on windows xp with apache 2 and mysql 5. Php start up unable to load dynamic library: E:\php\ext\php_bz2.dll with error 'The specified module could not be found' same for and php_yaz.dll I have php5ts.dll in both E:\php\ and E:\php\ext I had a similar problem for php_mcrypt which was solved by installing libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the problems with these two. I tried copying versions of yaz.dll and php_yaz.dll from http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 because those versions seemed to be looking for php4ts.dll rather than php5ts.dll so I seemed to have got stumped. Can anyone help out? Thanks in advance david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php i recommend you change php.ini and make the extensions folder e:\php\ or whatever you use, it would probably fix the problem oh and also check spelling and if windows has read/write/execute permissions make sure there is proper persmissions I have tried placing the php.ini file in \windows and \windows\system32 and tried it in both places to no avail. All the other extensions load fine - the problem seems to be peculiar to these two. The spelling is fine... david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP 5 start up issue
php 5 on windows xp with apache 2 and mysql 5. Php start up unable to load dynamic library: E:\php\ext\php_bz2.dll with error 'The specified module could not be found' same for and php_yaz.dll I have php5ts.dll in both E:\php\ and E:\php\ext I had a similar problem for php_mcrypt which was solved by installing libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the problems with these two. I tried copying versions of yaz.dll and php_yaz.dll from http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 because those versions seemed to be looking for php4ts.dll rather than php5ts.dll so I seemed to have got stumped. Can anyone help out? Thanks in advance david -- 40 yrs navigating and computing in blue waters. English Owner Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] pgp-gd and netpbm (pamdice)
Hello *, I like to upload new topographical maps into my System and split it into smaller parts. Curently I am using exec() to do the Job, but like to use php native tools to do the Job. Also I need better naming schemes as netpbm (pamdice) do. Exactly I will like to give a horizontal vertical start number to get images like 4_8.jpg 4_9.jpg 4_00010.jpg 4_00011.jpg 5_8.jpg 5_9.jpg 5_00010.jpg 5_00011.jpg 6_8.jpg 6_9.jpg 6_00010.jpg 6_00011.jpg 7_8.jpg 7_9.jpg 7_00010.jpg 7_00011.jpg ^ ^ / \ horizontallinevertical image How can I do this ? Thanks and Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
[PHP] PGP commands problem
Hi all, I have a little problem with signing e-mails from PHP. The little piece of code giving me headaches is this: ?php $data = some data here...; $tmp_file = tempnam('/tmp','PGP'); putenv(PGPPATH=/home/nobody/.pgp); putenv(HOME=/home/nobody); exec(echo . escapeshellarg($data) . $tmp_file); exec(cat $tmp_file | pgp -sta -u Alex -o $tmp_file); ? If I run it from shell with # php -f pgp_sign.php it works as expected, I get one temporary file containing the unsigned data, and one secondfile with an extra .asc extension, with the data signed with the chosen key. If I run it from the browser however it just shows loading loading..., loading... forever! It never gives an error (well, I did not wait forever, that's true, my time on Earth is limited ;) and it never gets loaded either. When I look at the files that it should create, I see the first is created ok, but the second is not. The test script, does belong to nobody user, just like the /home/nobody and just like the user the apache is run under: httpd.conf: ... User nobody Group nobody ... PHP Safe Mode is Off and in the error log I see this: Pretty Good Privacy(tm) Version 6.5.8 (c) 1999 Network Associates Inc. Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc. Export of this software may be restricted by the U.S. government. Pretty Good Privacy(tm) Version 6.5.8 (c) 1999 Network Associates Inc. Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc. Export of this software may be restricted by the U.S. government. Has anybody had any similar experience? Has anybody worked it out? :) If anybody could help I would really appreciate, Thank you in advance, Have a nice day everyone, Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] pgp form handler will not display data
There must be something obvious that I am missing but I cant get the php form handler with the script below to display the vairables. The form which sends this data has the correct field names. I am also using the get action, so I can see the variables and values so I know that they are being passed correctly to the form. On submit, the form below displays as follows below. ?php print the referring doctor is $referringdr .br\n; print the referral date is $dateofreferral .br\n; print the patients first name is $pfirst .br\n; print the patients last name is $plast .br\n; print the patients telephone number is $telephone .br\n; print the referring doctor email is $refdremail .br\n; print the upload is $imageupload br\n; ? output from patreferhandler.php?%24referringdr=sample+person[EMAIL PROTECTED] .comdateofreferral=12%2F03%2F03pfirst=clientfirstplast=clientlasttelepho ne=555-imageupload=Submit=Submit the referring doctor is . the referral date is . the patients first name is . the patients last name is . the patients telephone number is . the referring doctor email is . the upload is Thanks, Jack -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] pgp form handler will not display data
Jack -- [Aha ... I see that you provide the calling URL in this post, which explains the near-duplication. One question answered; a million to go!] ...and then Jack E. Wasserstein, DDS, Inc. said... % % There must be something obvious that I am missing but I cant get the php ... % % output from % % patreferhandler.php?%24referringdr=sample+person[EMAIL PROTECTED] % .comdateofreferral=12%2F03%2F03pfirst=clientfirstplast=clientlasttelepho % ne=555-imageupload=Submit=Submit While it looks like dateofreferral, pfirst, plast, telephone, Submit should work, I don't at all trust the %24 nistead of at the beginning of the URL; it's probably turned off your input parsing. Fix that and try again and let us know what you get. HTH HAND Happy Holidays :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
[PHP] PGP?
Any way in PHP to grab form info and then encrypt it with PGP before sending it out as an email? -Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP and PHP together???
Is it possible to use php and pgp together? Are there any good tutorials out there? -- Mike Yrabedra President 323 Enterprises Home of The MacDock and The MacSurfshop [http://macdock.com] : [http://macsurfshop.com] VOICE: 770.382.1195 iChat/AIM: ichatmacdock ___ in all your ways acknowledge Him and He will direct your paths. Proverbs 3:6 NIV {{{ -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP and PHP together???
Mike -- ...and then MIKE YRABEDRA said... % % Is it possible to use php and pgp together? Are there any good tutorials out % there? It's absolutely possible. What do you want to do? The only thing that most people find a little tricky is that you have to think as the web server and not as yourself, so the web server has to be able to find the keys and such. I don't know of any tutorials in particular but it's like calling any other external program. It might be fun to have some pgp/gpg functions built into a class, but I'm not clever enough to write that [yet ;-] HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg96734/pgp0.pgp Description: PGP signature
Re: [PHP] PGP and PHP together???
There is a PHP extension named GPGext for PHP, it uses the gnupg made easy library to make gpg functions available to PHP without executing external programs. It is available at: http://www.sourceforge.net/projects/gpgext/ Jason On Wed, 2003-02-12 at 20:34, David T-G wrote: Mike -- ...and then MIKE YRABEDRA said... % % Is it possible to use php and pgp together? Are there any good tutorials out % there? It's absolutely possible. What do you want to do? The only thing that most people find a little tricky is that you have to think as the web server and not as yourself, so the web server has to be able to find the keys and such. I don't know of any tutorials in particular but it's like calling any other external program. It might be fun to have some pgp/gpg functions built into a class, but I'm not clever enough to write that [yet ;-] HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP and PHP together???
Jason, et al -- ...and then Jason Sheets said... % % There is a PHP extension named GPGext for PHP, it uses the gnupg made % easy library to make gpg functions available to PHP without executing % external programs. Way cool! I'm not suprised, but I hadn't heard of it before. Can't wait to see what functions it offers. % % It is available at: http://www.sourceforge.net/projects/gpgext/ Thanks a *bunch* for the link. I'll very eagerly surf over! % % Jason Thanks HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg96736/pgp0.pgp Description: PGP signature
[PHP] PGP signing text from called from PHP
Using PHP 4.1.2 I need to PGP sign a piece of text and detached the signature. I have read a lot in the archives and and about the better exec() calls in 4.3. However I cannot find a reference that indicates the best way to pass a set of arguments out of a PHP script to PGP. I need to use pgp2.6.3i the pgp command line looks like a bit this pgp -sabf -u pgpuser pgppassphrase text pgpsignature This has to be given to the Bash Shell with whatever works exec() system() or passthrough(), any output can be retrieved later . It is possible, if anyone knows how, to set ENV variable in the shell to preload the passphrase and the pgpuser into ENV variables. Has anyone cracked this? Any pointers to archived messages I have missed. Any suggestions at all would be most welcome. {R} -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP/PHP
Jonathan -- ...and then Jonathan said... % % I have necessary PGP client software on my machine and have tested the % functionality of PGP from my site, however, I want to know how to use % PHP to send a PGP email. 1) Do you know how to use pgp to encrypt and decrypt a file? 2) Do you know how pgp is used by a mail user agent to encrypt a mail message? % % This is the scenario, % % I have a shopping cart which directs to SSL, then while in SSL, the % customer will input their information, including credit card info. OK. In general, you send a mail message to someone with the mail() function, and many people choose to predefine their headers, recipient, and content. To wit: [From the manual:] mail (PHP 3, PHP 4 ) mail -- send mail Description bool mail ( string to, string subject, string message [, string additional_headers [, string additional_parameters]]) and ?php $to = [EMAIL PROTECTED] ; $subject = this is a message ; $headers = From: [EMAIL PROTECTED]\nX-Stuff: another header\n ; $body = This is my message body.\n\nThere; that was fun.\n ; mail($to,$subject,$message,$headers) ; ? All you have to do is encrypt your message body and then paste that into this example as $body. You could do it either by capturing $body or just doing an inline replacement. To wit: bash-2.05a$ echo this is text \ | gpg --encrypt --armor --recipient 7B9F4700 \ | gpg --armor --decrypt You need a passphrase to unlock the secret key for user: David T-G [EMAIL PROTECTED] 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 (main key ID 7B9F4700) gpg: encrypted with 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 David T-G [EMAIL PROTECTED] this is text Of course, leaving off the decrypt side will spit out a lovely encrypted text block -- but that takes up more lines to demo :-) % % I want to show a receipt, (no cc #'s of course) and send the order to an % administrator of the site using PGP after all the information has been % gathered and send it from SSL. The site's admin will be able decrypt the % information using the client software. So the site's admin will get a encrypted mail message, right? What's this about no cc number -- you won't print one on the receipt, or you won't give one to the admin, or the receipt without the number is what the admin gets? % % % Thanks in advance. HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg89713/pgp0.pgp Description: PGP signature
Re: [PHP] PGP/PHP
There is actually a gpg PHP module available that makes gpg easy functions available to PHP so you do not need to execute command line programs on plain text files. Remember if you write your data to a plain text file it will temporarily be vunerable to interception by anyone with read access to the file on your web server. With PHP that means at least: the administrators of the machine and any other user on the web server or PHP script being run. There module is available at http://sourceforge.net/projects/gpgext/, here is the description: GPGext is a extension (module) for PHP, written in C, to support GPG manipulation. It use the GPG Made Easy library, and ports all of its functions to PHP, including generating, listing, exporting, and importing of keys, and encrypting and decrypting data. An GUI created with PHP-Gtk is also included to show how this extension works. PHP examples and documentation are also included. Of course a plain text command line solution may be easier to implement however I would avoid implementing that one myself unless you have a high trust level of the server and know the time between writing the file out, encrypting it and wiping it will be small. Jason On Mon, 2002-12-16 at 03:57, David T-G wrote: Jonathan -- ...and then Jonathan said... % % I have necessary PGP client software on my machine and have tested the % functionality of PGP from my site, however, I want to know how to use % PHP to send a PGP email. 1) Do you know how to use pgp to encrypt and decrypt a file? 2) Do you know how pgp is used by a mail user agent to encrypt a mail message? % % This is the scenario, % % I have a shopping cart which directs to SSL, then while in SSL, the % customer will input their information, including credit card info. OK. In general, you send a mail message to someone with the mail() function, and many people choose to predefine their headers, recipient, and content. To wit: [From the manual:] mail (PHP 3, PHP 4 ) mail -- send mail Description bool mail ( string to, string subject, string message [, string additional_headers [, string additional_parameters]]) and ?php $to = [EMAIL PROTECTED] ; $subject = this is a message ; $headers = From: [EMAIL PROTECTED]\nX-Stuff: another header\n ; $body = This is my message body.\n\nThere; that was fun.\n ; mail($to,$subject,$message,$headers) ; ? All you have to do is encrypt your message body and then paste that into this example as $body. You could do it either by capturing $body or just doing an inline replacement. To wit: bash-2.05a$ echo this is text \ | gpg --encrypt --armor --recipient 7B9F4700 \ | gpg --armor --decrypt You need a passphrase to unlock the secret key for user: David T-G [EMAIL PROTECTED] 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 (main key ID 7B9F4700) gpg: encrypted with 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 David T-G [EMAIL PROTECTED] this is text Of course, leaving off the decrypt side will spit out a lovely encrypted text block -- but that takes up more lines to demo :-) % % I want to show a receipt, (no cc #'s of course) and send the order to an % administrator of the site using PGP after all the information has been % gathered and send it from SSL. The site's admin will be able decrypt the % information using the client software. So the site's admin will get a encrypted mail message, right? What's this about no cc number -- you won't print one on the receipt, or you won't give one to the admin, or the receipt without the number is what the admin gets? % % % Thanks in advance. HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP/PHP
I have necessary PGP client software on my machine and have tested the functionality of PGP from my site, however, I want to know how to use PHP to send a PGP email. This is the scenario, I have a shopping cart which directs to SSL, then while in SSL, the customer will input their information, including credit card info. I want to show a receipt, (no cc #'s of course) and send the order to an administrator of the site using PGP after all the information has been gathered and send it from SSL. The site's admin will be able decrypt the information using the client software. Thanks in advance. === Jonathan Villa Application Developer IS Design Development www.isdesigndev.com http://www.isdesigndev.com/ 414.429.0327 === -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP/PHP
I have necessary PGP client software on my machine and have tested the functionality of PGP from my site, however, I want to know how to use PHP to send a PGP email. This is the scenario, I have a shopping cart which directs to SSL, then while in SSL, the customer will input their information, including credit card info. I want to show a receipt, (no cc #'s of course) and send the order to an administrator of the site using PGP after all the information has been gathered and send it from SSL. The site's admin will be able decrypt the information using the client software. Thanks in advance. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP PGP
This is not what I need. I'm not building a userbase to authenticate with. I'm holding a database of users and passwords that I need to keep. There is no authentication done against these user/password pairs. I don't want to keep the passwords in free text since if someone breaks in, he can steel many users and passwords. What I want to do, is encrypt each password with another password. and be able to decrypt the string with the same pass that was used to encrypt to show the original plain text pass two who ever needs to see it. The problem here is that to be able to decrypt a password you will have to store the key somewhere. This key will then be vulnerable if someone breaks into your machine. In other words, the crack becomes a bit more difficult but will have the same catastrophic affects. What you should do is encrypt the password in the database using a one way function, such as crypt(), http://www.php.net/manual/en/function.crypt.php. When the user enters their password, encrypt that and then compare the encrypted passwords. The only problem with this is that there is no easy way to recover the password if the customer loses it. In this scenario, you will have to have an alternative way to reset the customers password. Regards Dave -- Chief Technical Consultant Auxinet Payment Services http://www.auxinet.com Phone: +44 870 72 74 76 2 Sales Office: +44 870 72 74 76 3 Fax: +44 870 72 74 78 2 +44 870 72 74 78 3 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] PHP PGP
This is not what I need. I'm not building a userbase to authenticate with. I'm holding a database of users and passwords that I need to keep. There is no authentication done against these user/password pairs. I don't want to keep the passwords in free text since if someone breaks in, he can steel many users and passwords. What I want to do, is encrypt each password with another password. and be able to decrypt the string with the same pass that was used to encrypt to show the original plain text pass two who ever needs to see it. thanks berber -Original Message- From: John Horton [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 5:49 PM To: Boaz Yahav; PHP General (E-mail) Subject: RE: [PHP] PHP PGP calculate a hash of the pass the user enters and store that. When the user enters a pass again to get the data, then hash this pass and see if it matches the stored hash. If it does , then send the user the data. create a table that stores username, and hashed passwords for authentication. HTH -Original Message- From: Boaz Yahav [mailto:[EMAIL PROTECTED]] Sent: 22 May 2002 17:43 To: PHP General (E-mail) Subject: [PHP] PHP PGP Hi I need to encrypt some fields in my mysql database. I need to ask a user for a pass when he enters the data, encrypt it and show him the data only if he enters the pass again. I know that pgp has a module that works with passwords instead of keys. I never tried this on Linux though. Any help will be appreciated. thanks berber -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP PGP
Hi I need to encrypt some fields in my mysql database. I need to ask a user for a pass when he enters the data, encrypt it and show him the data only if he enters the pass again. I know that pgp has a module that works with passwords instead of keys. I never tried this on Linux though. Any help will be appreciated. thanks berber
RE: [PHP] PHP PGP
calculate a hash of the pass the user enters and store that. When the user enters a pass again to get the data, then hash this pass and see if it matches the stored hash. If it does , then send the user the data. create a table that stores username, and hashed passwords for authentication. HTH -Original Message- From: Boaz Yahav [mailto:[EMAIL PROTECTED]] Sent: 22 May 2002 17:43 To: PHP General (E-mail) Subject: [PHP] PHP PGP Hi I need to encrypt some fields in my mysql database. I need to ask a user for a pass when he enters the data, encrypt it and show him the data only if he enters the pass again. I know that pgp has a module that works with passwords instead of keys. I never tried this on Linux though. Any help will be appreciated. thanks berber -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP PGP
Hello, On 05/22/2002 01:43 PM, Boaz Yahav wrote: Hi I need to encrypt some fields in my mysql database. I need to ask a user for a pass when he enters the data, encrypt it and show him the data only if he enters the pass again. I know that pgp has a module that works with passwords instead of keys. I never tried this on Linux though. I don't know if this solves your problem, but have you tried this? http://www.phpclasses.org/pgp -- Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP PGP
Boaz: On Wed, May 22, 2002 at 04:48:59PM +0100, John Horton wrote: calculate a hash of the pass the user enters and store that. FYI, by hash he means using the md5() function. Ciao! --Dan -- PHP classes that make web design easier SQL Solution | Layout Solution | Form Solution sqlsolution.info | layoutsolution.info | formsolution.info T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y 4015 7 Av #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP and other encryptions methods for PHP
I need to encrypt data in an application then mail it to a recipient where the email client must decrypt using a private key. The recipient would be using MS Outlook or another email client perhaps Eudora. What encryption techonologies are best for this? I had a brief look at OpenPGP but not sure of how well that integrates with PHP. Any help or tips from anyones who's done some work with this would be appreciated. === Ron Dyck WebbTech www.webbtech.net
Re: [PHP] PGP
On Sun, 28 Apr 2002, Richard Lynch wrote: On Sat, 27 Apr 2002, Richard Lynch wrote: $test = escapeshellarg($cleartext); exec(cat $test | /usr/bin/pgpe -a -t -f -r '[EMAIL PROTECTED]' . . . ^Kb^Estdin^H^@^@^@ $cleartext is the actual text? What if you used 'echo' instead of 'cat'? miguel D'oh! Different output, for sure, but still nothing decodable into the original... Maybe cat's bugging on the line breaks (if any) in $cleartext. You might try, for starters, dumping the message into a temp file and passing that through pgpe... TIPS for the archives, in case I die before I figure this out completely: 1. You may or may not need to use putenv(PGPPATH=/home/yourusername/.pgp); 2. If you are going to use --pubring and --secring, note that the filename extension for SECRING is .skr, not .pkr D'oh! 3. When you copypaste from your browser to the SSH session where you can use pgpv to decode your message, the newlines are critical to get *EXACTLY* right, including the extra one after the Message ID: line that was getting lost in my copy/paste 4. It may have been significant that I tried re-ordering the args to pgpv the way they are in man: pgpv -r [EMAIL PROTECTED] -atfz --pubring=/home/.../.pgp/pubring.pkr --secring=/home/.../.pgp/secring.skr Or, maybe not. 5. I am also using addslashes() which might or might not be helping with the newlines... Again, not sure that was the critical thing. #3 was the last thing that made the big difference. I still haven't gotten popen to work, but at least I can do it with exec now, if nothing else. Yes, that's *NOT* good for security, but I'm getting closer to the correct solution. -- Got Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP
On Sat, 27 Apr 2002, Richard Lynch wrote: $test = escapeshellarg($cleartext); exec(cat $test | /usr/bin/pgpe -a -t -f -r '[EMAIL PROTECTED]' . . . ^Kb^Estdin^H^@^@^@ $cleartext is the actual text? What if you used 'echo' instead of 'cat'? miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP
Please Cc: me on replies... I've got to be doing something stupid, because I've succeeded at this PGP (gpg, whatever) stuff before (years ago), but... I'm doing this: $test = escapeshellarg($cleartext); exec(cat $test | /usr/bin/pgpe -a -t -f -r '[EMAIL PROTECTED]' --pubring=/home/bodyline/.pgp/pubring.pkr --secring=/home/bodyline/.pgp/secring.pkr, $result, $error); echo TESTBR\n; echo implode(BR\n, $result); if ($error){ echo OS Error: $errorBR\n; } echo END TESTBR\n; I'm getting this output: -BEGIN PGP MESSAGE- Version: PGPfreeware 5.0i for non-commercial use MessageID: 3kStB52ChIWntEDMoGnXmy62k/g83h8g qANQR1DBwk4DyES2iJ7I3h4QC/4t4gfjedwU6InFgKPNFXWg05fDCVT465vays98 5f8uuQbSsecwjSOC8EuG/23yxLu8Cx+0utaz11/DiSym72YhTkxk38XQEAeP3wYT M4IRnH5T1JE7QvGif/MyqcmU3lOz5RQ7mqZtv+HmAs/gbW8E/sCSmiV4XEz/tv+e GkBg8/ga+KoL7HguGAg39Rbu5Ex1/sXW4l04+FFZyf2X9Pii1evr66QOxqIuqvsF ztomPJMiMdqYsn4hsbi9nOjBzf0pnFR4Z96SlnDURDwQ7M9O5Z4QO735UYTv+9gw 4A5jtKfXZsue2rC6gJ4QT+QZuk5KvjAlSh8/Dsrn5c6/gKWOz9Zn70VbhRqb4DT6 YGeCCFBjuGzCwL/RS+luNr5PxANFFfj0qS75SDRsvsEN0cUafRA8U9BbTLK+toEB y3JkQufZtAdC5aHD/QcWnkGojAaM/fK1ZHxLyp09VHjWpT+2TI76kmTOnfGLuuw3 N9688m9To7Hrn+pRNeyHT5+zm9cL/isNsdbuSW/4XO+W/niTGLpAI/jHt7HkCRpr LDvyoCDONT64xfqY17i16VBenH4KIdUIc+pz9qrETjBcRFJ7Z7JOeOrOxi/VQecT jgr6D+xt4Zpl16LXPcd5baGcs6uCl3MD1zyjMKLvlOjiZ5yZ482iyLvYcdplZ5/R +hP1GrkDwOZq1lsuJtJ6B/Ptz5E03A+bEQ9OAw4PHB214ZJ7apCuscTcBJOu7+wj 47wLLplEUOgMRIB+DZ8wp2Qq10+vYt3VyB8m6ef+Lq7bqT2bUioBoQg/gO4VSQrA sg/l4SGgc8wW7fvGRI4XmrSHhDJcYrRcRw8rJS9rsQXBKIUIUfIfVZ2v/iynEAlP qykTt84J8iHdFTYxwO4wwJC8w7Hahdc+AyYwsWANwmsF/QCZqzzWL76uTQ9ocasd lh9U5u2VJZcwJ20OVKziaAlXu8u0AGNaOaqW7EcTrImEar6pSNJC6PGy3ISSXkbW QFSHqJdsVUg873d/uMlrB8s0cI85kMkbb+162VCtITH/ckCxqtYiCwFvHVC+6Rq7 p1fD =6EMp -END PGP MESSAGE- I plug that into: /usr/bin/pgpv -f -o output Everything seems fine... Except output has this in it: ^Kb^Estdin^H^@^@^@ That ain't right. I've tried it with pasting the PGP MESSAGE and then ^D, and I've tried it with the message in a file, and I'm just completely stumped at this point. With and without -t as well. Pretty much the same thing. I can do a test from the command line without PHP getting involved, and it all works just fine as well... I've generated a second keypair and tried the second recipient (-r) and get the same thing. I dunno when it happened, but both pgp.com and gpg.org are useless now, so I dunno where to turn... And it *IS* working until PHP gets in the picture. PHP is running as a CGI and exec('whoami') tells me I'm the user who owns the keyring, and the output sure *LOOKS* like a PGP message, so, like, it's not that PGP isn't doing something with my input. I've tried it with the whole popen thing, and with the mkfifo thing for fake pipes, and I'll be durned if I can get those to do any better. I can make them worse, by making stupid mistakes, but not better :-) What am I doing that's stupid?... -- Got Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PGP -- PHP
Hello Everybody, we have a problem to implement a PGP-function into a PHP-Script. PHP 4.0.6 as CGI, Apache 1.3.11, FeeBSD 4.2 a) PGP from the command line works: % pgps -ato test.sig test.txt -z passphrase b) Calling a little PHP Script $kommando = /usr/local/bin/pgps -ato test.sig test.txt -z passphrase; exec($kommando,$antwort); to do so, also everything works fine: % virtual /usr/local/bin/php /etc/test-pgp.php Creating output file test.sig X-Powered-By: PHP/4.0.6 Content-type: text/html c) But when we use this very same PHP-code within a script, and call this script through the web, it's not working anymore and the error_log says Cannot open configuration file pgp.cfg Cannot open secret keyring secring.skr Cannot open public keyring pubring.pkr Why is that and can this problem be solved ? Thank you very much. Juergen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP -- PHP
* J.Mueller, pro.vider.de GmbH ([EMAIL PROTECTED]) [Dec 22. 2001 10:03]: Hello Everybody, Hiya. we have a problem to implement a PGP-function into a PHP-Script. PHP 4.0.6 as CGI, Apache 1.3.11, FeeBSD 4.2 a) PGP from the command line works: % pgps -ato test.sig test.txt -z passphrase b) Calling a little PHP Script $kommando = /usr/local/bin/pgps -ato test.sig test.txt -z passphrase; exec($kommando,$antwort); to do so, also everything works fine: % virtual /usr/local/bin/php /etc/test-pgp.php Creating output file test.sig X-Powered-By: PHP/4.0.6 Content-type: text/html c) But when we use this very same PHP-code within a script, and call this script through the web, it's not working anymore and the error_log says Cannot open configuration file pgp.cfg Cannot open secret keyring secring.skr Cannot open public keyring pubring.pkr Why is that and can this problem be solved ? This happens because when you run this from the shell, it's picking up your environment. Apache has a completely different environment. You need to create a dummy keyring for Apache's user in the location this may provide: ?php $effective_user = posix_getpwuid(posix_geteuid()); print 'Apache is: ' . $effective_user['name']; print 'brHome is: ' . $effective_user['dir']; ? Or you can use putenv() to make apache temporarily use another $HOME that has the correct keyrings. YMMV -- Brian Clark | Avoiding the general public since 1805! Fingerprint: 07CE FA37 8DF6 A109 8119 076B B5A2 E5FB E4D0 C7C8 I think you need to flash your brain's firmware. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] php + pgp (gnupg)
Can i decrypt files with pgp (gnupg) with php scripts? If i can, does anybody have an example or 2? Thanx /Kasper -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] php + pgp (gnupg)
Yes. Use backticks, system(), exec(), etc. For help on command line w/ GnuPG, try gpg --help. I don't have examples, but there are probably some @ hotscripts.com -- Looking for a parallel, three-dimensional explicit Eulerian grid code for astrophysical magnetohydrodynamics? Of course you are! Everyone is! http://lca.ncsa.uiuc.edu/lca_intro_zeusmp.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] php + pgp (gnupg)
ive done this b4 but havn't got the scripts here they at home (can't remember the exact command line, but from memory was a little fiddly), if you have any problems send a email to [EMAIL PROTECTED] over the weekend and i will gladly try and dig up an example for you. regards joseph -Original Message- From: Kasper [mailto:[EMAIL PROTECTED]] Sent: Friday, 19 October 2001 8:30 AM To: [EMAIL PROTECTED] Subject: [PHP] php + pgp (gnupg) Can i decrypt files with pgp (gnupg) with php scripts? If i can, does anybody have an example or 2? Thanx /Kasper -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP PGP
Hello Pepe, Thursday, June 28, 2001, 6:05:48 PM, you wrote: PL I want to encrypt mails coming from my webform with pgp. Is it possible? It is possible. Also, If you had been chosen GNUPG instead of PGP you could use the class located at http://phpclasses.upperdesign.com/browse.html/package/245 -- Best regards, Maxim Derkachev mailto:[EMAIL PROTECTED] System administrator programmer, Symbol-Plus Publishing Ltd. phone: +7 (812) 324-53-53 www.books.ru, www.symbol.ru -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] PHP PGP
It is possible, but I have not found any good tutorials on the subject. There is one on Web Monkey at this address: http://hotwired.lycos.com/webmonkey/programming/php/tutorials/tutorial1.html All the commands were wrong for the PGP version (6.5) that was loaded on my web server. I found that the following worked: 1. Make sure you know where PGP is located on the server. Try a whereis pgp. On my system it was installed in /usr/bin. 2. Make sure the nobody (or the user the web server runs as) user has a home directory defined in your passwd file. This will cause problems when you setup the key ring. (do not define a shell for this user!) 3. Copy an ASCII version of your public key into a file that the nobody user can access. 4. su into the nobody account 5. Create a signing key for the nobody user this this command: pgp -kg There is no need to create an encryption key. 6. Add your public key to nobody's keying with this command: pgp -ka /path/to/your/public/key 7. Assign an trust level to the key: pgp -ke 'Usuerid' If you don't know the userid for the key use pgp -kvv to find out 8. Sign the key with: pgp -ks 'your user id' -u 'their userid' Then the form and php script in the Web monkey tutorial should work. Let me know if this helps and good luck. David Price -Original Message- From: Pepe Lopez [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 28, 2001 7:06 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP PGP Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? regards, Lopez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] PHP PGP
Yes, here's some code, adapt to your needs. -Original Message- From: Pepe Lopez [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 28, 2001 10:06 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP PGP Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? regards, Lopez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] PHP PGP
class eZGPG { /*! \static Encrypt function */ function eZGPG( $plaintxt, $keyname, $wwwuser) { $this-keyname=$keyname; if ( sizeof( $this-keyname ) == 0 ) $this-body = WARNING: No Keys Specified; $this-pcmd = echo '$plaintxt' | ; $this-pcmd .= $this-pathtogpg.$this-encryptcommand; $this-pcmd.= -a -q --no-tty -e -u . $wwwuser . --homedir ' . $this-home .' -r '. $this-keyname . ' ; //clear return array and execute encrypt command unset( $ret ); exec($this-pcmd, $ret); //loop return array for encrypted text foreach( $ret as $key=$value ) { $this-body .= $value; $this-body .=\n; } } // return $this-body function getbody() { return $this-body; } var $body; var $keyname = array(); var $ret = array(); var $pathtogpg = /usr/bin/; var $pcmd; var $encryptcommand = gpg --encrypt --batch --no-secmem-warning; var $home = /var/www/.gnupg; } -Original Message- From: Pepe Lopez [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 28, 2001 10:06 AM To: [EMAIL PROTECTED] Subject: [PHP] PHP PGP Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? regards, Lopez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] PHP PGP
possible? yes. feasable? yes and no... 1) encrypting traffic from the user's browser to your server is extremely impractical. 2) encrypting information on the server with PGP is a whole lot easier... there are a bunch of PHP - PGP interface packages i've seen around, so do some searching and see what you pull up. after a quuick search at PHP Classes, i found this class that will encrypt text with PGP and attach it to an email message... i'm sure that you could rip out the pertinent portions of code and use it for your own ends: http://phpclasses.upperdesign.com/browse.html/package/39 -Original Message- From: Pepe Lopez [mailto:[EMAIL PROTECTED]] Subject: [PHP] PHP PGP Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? regards, Lopez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PHP PGP
Pepe Lopez [EMAIL PROTECTED] wrote: Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? this hack might help you http://alt-php-faq.org/#id65 -- Henrik Hansen -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PHP PGP
Hi there, I want to encrypt mails coming from my webform with pgp. Is it possible? regards, Lopez -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP with MySQL
Jeff Oien wrote: Jeff wrote: I am trying to find the maximum security for storing credit card numbers. From reading the archives someone mentioned using a PGP based encryption to encrypt the credit card number and store it into the database, and have the company that is processing the order have the decryption key on the their computer. Any comments or different ideas on this system? (I'm a different Jeff) I searched through the archives and couldn't find your message. I'm interested in this also. The PHP PGP tutorials all deal with sending e-mail using PGP. I would like to be able to do this on the server to retrieve information from the server. Jeff Oien Sorry for the confusion, but I actually was using gnuPG (the principles are the same) my mistake :-) Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PGP with MySQL
I am trying to find the maximum security for storing credit card numbers. From reading the archives someone mentioned using a PGP based encryption to encrypt the credit card number and store it into the database, and have the company that is processing the order have the decryption key on the their computer. Any comments or different ideas on this system? Thanks Jeff -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP with MySQL
Jeff wrote: I am trying to find the maximum security for storing credit card numbers. From reading the archives someone mentioned using a PGP based encryption to encrypt the credit card number and store it into the database, and have the company that is processing the order have the decryption key on the their computer. Any comments or different ideas on this system? Jeff, search of the php-general list archives for 'PGP' as I have been through this one and there are a few concerning issues. Regards, Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] pgp text formatting
// then I place the message that is to be encrypted in a file $fp = fopen("plaintxt", "w+"); This won't scale up too well... You would be better off to use pipe (|) to shove it to the PGP program. Actually, that's still not such a hot idea... Anybody who can do "ps aux" could catch the occasional credit card that way. Use popen instead of system. OTOH, if you are using SSL, as you should for this, and there exists a user with a login who can do "ps" that you don't inherently trust, you're already in deeper trouble than system() versus popen()... Still, better safe than sorry, and popen won't be that much harder than system() fputs($fp, $msg); This adds a line break at the end, though. And it maybe "escapes" the embedded newlines on the assumption that you intend to use fgets()to read the "line" back in. Also, if you have MagicQuotes Whatsit turned on (not GPC, the other one) that will also maybe attempt to add backslashes to the data. Use fwrite to get *exactly* what you put in, and make sure php.ini doesn't have the second MagicQuotes thingie turned on. I've never turned it on, so don't remember what it's called. Magic Quotes Runtime? Yeah, that's it... // fyi ... if at this point, if I were to open the file plaintxt // all of my line breaks would still be there Plus an extra one at the end. :-) // next I encrypt the data and write it to a file called crypted system("/usr/local/bin/pgpe -r [EMAIL PROTECTED] -o crypted -a plaintxt"); unlink("plaintxt"); // now ... if at this point I were to open the file crypted and decrypt it // I would get my message in a long line with squares where every break should be If all else fails, fopen that and read it char by char printing out the ASCII codes of any non-alphabetic chars and figure out what those little squares are. Your text editor shows all sorts of unprintable characters as little squares. You need to figure out which character it actually is. (Or get a better editor that will tell you, or find out how to make your editor tell you.) // here's the method I use to get this crypted data added to my log file $fd = fopen("crypted", "r"); $msg_crypted = fread($fd, filesize("crypted")); fclose($fd); unlink("crypted"); $order_log = fopen("order_log", "a"); fwrite($order_log, $msg_crypted); fclose($order_log); So, if anyone can help me figure out a way to keep these line breaks in place all the way through to decryption, I would be VERY appreciative. I know this is possible ... because, if I take the same message from my code and place it in a text editor ... encrypt and decrypt it using my desktop PGP software ... all of the line breaks remain intact. -- Visit the Zend Store at http://www.zend.com/store/ Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] pgp text formatting
I sent this off a couple days ago, but did not see it on the list ... please excuse the traffic if you are seeing this for a second time. I am writing some code (PHP3/4 on Apache) that encrypts some text using PGP and writes it to a log_file. I am having problems getting the line breaks to remain intact from the original unencrypted version to the final decrypted version. Here's my code: // first I setup a variable with the message to be encrypted, // note the line breaks $msg = " * * * * * * * * * * BILL TO: $type_of_card $card_number $users_name ($expiration_date) $b_first_name $b_last_name $b_address_1 $b_address_2 $b_city, $b_state $b_zip $b_day_phone $b_night_phone $b_email * * * * * * * * * * "; // next I set the environment variable for PGPPATH putenv("PGPPATH=/.pgp"); // then I place the message that is to be encrypted in a file $fp = fopen("plaintxt", "w+"); fputs($fp, $msg); fclose($fp); // fyi ... if at this point, if I were to open the file plaintxt // all of my line breaks would still be there // next I encrypt the data and write it to a file called crypted system("/usr/local/bin/pgpe -r [EMAIL PROTECTED] -o crypted -a plaintxt"); unlink("plaintxt"); // now ... if at this point I were to open the file crypted and decrypt it // I would get my message in a long line with squares where every break should be // here's the method I use to get this crypted data added to my log file $fd = fopen("crypted", "r"); $msg_crypted = fread($fd, filesize("crypted")); fclose($fd); unlink("crypted"); $order_log = fopen("order_log", "a"); fwrite($order_log, $msg_crypted); fclose($order_log); So, if anyone can help me figure out a way to keep these line breaks in place all the way through to decryption, I would be VERY appreciative. I know this is possible ... because, if I take the same message from my code and place it in a text editor ... encrypt and decrypt it using my desktop PGP software ... all of the line breaks remain intact. Please help! Thanks, Nick -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] PHP+PGP+Apache! Newbie, please help!!
Hi, I'm trying to uses PGP with PHP and Apahce. I have Apache and PHP configured but am finding it difficult to find any information on how to use PGP with them! Any help would be much apreciated! Thanks, Kevin.