[PHP-DEV] Why am I back on this list ?
Hello php-dev, Is there a problem with this listserv at the moment? over two months ago I successfully unsubbed from it; and this morning I get into work to find some 400+ messages waiting for me. I assume its been backed up (the list membership) from an old copy? I cannot unsubscribe seemingly, the automatic operations do not work any longer and the form on php.net isn't sending anything either. Please can I be unsubbed, thankyou. -- Best regards, Chrismailto:[EMAIL PROTECTED] -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re[2]: [PHP-DEV] Lame support for win32 mail() function -rant
Hello List, Can we please kill this ridiculous conversation. If I wanted to spend my time reliving the Win/*NIX PHP/ASP flamewars of yesteryear I'd goto one of any number of unenlightened kiddie boards. Many thanks to the effors of Derek/Andi (PHP/Zend respectively) for their assistance with the mcrypt() problem under 4.0.5 - I shall be implementing the suggested fixes for this later on today and will get back to the list on the result. I don't have time to keep trawling through endless pointless kiddie mails looking for the ones pertinent to the various projects on hand, so please can we keep the list matter salient. -- Best regards, Chrismailto:[EMAIL PROTECTED] -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DEV] Open issues for 4.0.6
Hello Andi, Friday, May 18, 2001, 5:07:46 PM, you wrote: AG I think there are two main open issues for 4.0.6. AG The crash in mcrypt (if it is a general problem) and the rollback of domxml. AG Am I correct? Is there anything else crucial which needs to be added? AG Andi I re-verified the mcrypt problem late last night by upgrading a redundant linux server to 4.0.6 and the mcrypt functions immediately started to fail - interestingly all platforms this has been tested on return DNS/Server not found errors in MSIE 5.0 under Win32. I fully expect it to do the same on other platforms/browser configurations but don't have the time to go through them all. The immediate workaround is of course to comment out / remove the appropriate calls to the mcrypt functions but clearly for applications where data integrity is important this isn't a long term fix. I understand that Derek was going to have a look at this issue last night, and would appreciate any information on progress as and when it arises; we have 3 applications relying on this functionality to secure user data and each of them is now using alternative methods which I am keen to bin at the earliest opportunity. -- Best regards, Chris Operations Director, Gameshrine Limited mailto:[EMAIL PROTECTED] -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] mcrypt failure under PHP 4.0.5 - more info.
Hi fellow developers, RE: mcrypt functionality failure since PHP 4.0.5 upgrade. This is a snippet taken from the class that handles the addition of new users into the users table. It shows the way we *were successfully* using mcrypt to encrypt user's passwords: //--- Begin code paste. $password_key = md5($username); // Actual passwords are randomly generated. // User may change later. srand((double)microtime()*100); $password = substr(md5(rand(0,999)),0,8); // Encrypt password using md5 string above. $td = mcrypt_module_open (MCRYPT_TripleDES, , MCRYPT_MODE_ECB, ); $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND); mcrypt_generic_init ($td, $password_key, $iv); $encrypted_password = mcrypt_generic ($td,$password); mcrypt_generic_end ($td); // Do database insert using $encrypted_password value. //--- End code paste. The rest is irrelevant. Up until the upgrade to PHP 4.0.5, the above method worked without any issue, each time returning properly encrypted passwords which were then stored in the database. At the moment passwords are now being stored unencrypted but since its currently on an internal development server the security implications are negligible, BUT I would appreciate any feedback, similar encounters, etc from the development community since this clearly needs fixing. Many thanks, Chris. -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]