Re: [PHP] PGP 5 start up issue
On Fri, November 4, 2005 8:46 pm, Vizion wrote: > php 5 on windows xp with apache 2 and mysql 5. > > Php start up unable to load dynamic library: > E:\php\ext\php_bz2.dll with error 'The specified module could not be > found' > same for and php_yaz.dll > I have php5ts.dll in both E:\php\ and E:\php\ext > > I had a similar problem for php_mcrypt which was solved by installing > libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve > the > problems with these two. > > I tried copying versions of yaz.dll and php_yaz.dll from > http://www.indexdata.dk/phpyaz but to no avail. That only screwed up > php 5 > because those versions seemed to be looking for php4ts.dll rather than > php5ts.dll so I seemed to have got stumped. For sure, you CANNOT mix-n-match the DLLs from PHP4 and PHP5. You can't even reliably mix-n-match 4.1.x and 4.1.y, really, I don't think. It *might* work, but I doubt it would be truly stable long-term, as sooner or later you'll use that one function that CHANGED between x and y, and Boom! That said, start with http://php.net/phpinfo and see where PHP thinks your php.ini file should be. Put your php.ini file there. Then, in that php.ini file, look for the extensions_dir setting, and see where it expects your extensions to be. Then put all your PHP5 DLLs there. Only include the DLLs that came bundled with your PHP5 zip, at least to start. You *might* be able to find PHP DLLs that were compiled with that EXACT SAME version of PHP for the libraries you want. But under no circumstances should you try DLLs compiled for other versions. If you're lukcy it won't work at all. If you're unlucky, it will SEEM to work, and you'll go on with life, until... see Boom! above. You may want to try the PHP-Windows list to locate specific DLLs for your PHP version. Good Luck! PS In theory, if you own MSVC++ 7 (8? 9?) you could snag PHP source and compile all the DLLs you need... I tried that once, and couldn't get past finding the "compile" button in the IDE, which promptly caused the IDE to puke un-intelligible error messages at me... I thrashed and flailed and Googled [*] for days and got nothing useful. I was doing this because the (there was only one then) PHP Windows guy was too busy to compile PHP for Windows and PHP 3.?.? had just come out and somebody else needed it... Some other person got the job done, fortunately. I never did get MSVC++ to do anything useful... * Can you call it Googling when you did it using search engines that pre-date Google because Google didn't exist?... :-) -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP 5 start up issue
On Sunday 06 November 2005 12:14, the author Unknown Unknown contributed to the dialogue on- Re: [PHP] PGP 5 start up issue: >I don't mean the php.ini file, I mean the extension directive setting in >php.ini Yep I thought that was what you meant -- it is not the cause.. I should have posted that I found a solution which was to use the pear functions dor those extensions. It seems, for some reason, that the extensions do not work on php5 but the pear equivalents do.. at least for me. david -- 40 yrs navigating and computing in blue waters. English Owner & Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP 5 start up issue
I don't mean the php.ini file, I mean the extension directive setting in php.ini
Re: [PHP] PGP 5 start up issue
On Saturday 05 November 2005 08:58, the author Unknown Unknown contributed to the dialogue on- Re: [PHP] PGP 5 start up issue: >On 11/5/05, Unknown Unknown <[EMAIL PROTECTED]> wrote: >> On 11/4/05, Vizion <[EMAIL PROTECTED]> wrote: >> > php 5 on windows xp with apache 2 and mysql 5. >> > >> > Php start up unable to load dynamic library: >> > E:\php\ext\php_bz2.dll with error 'The specified module could not be >> > found' >> > same for and php_yaz.dll >> > I have php5ts.dll in both E:\php\ and E:\php\ext >> > >> > I had a similar problem for php_mcrypt which was solved by installing >> > libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the >> > >> > problems with these two. >> > >> > I tried copying versions of yaz.dll and php_yaz.dll from >> > http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php >> > 5 >> > because those versions seemed to be looking for php4ts.dll rather than >> > php5ts.dll so I seemed to have got stumped. >> > >> > Can anyone help out? >> > >> > Thanks in advance >> > >> > david >> > >> > >> > >> > -- >> > 40 yrs navigating and computing in blue waters. >> > English Owner & Captain of British Registered 60' bluewater Ketch S/V >> > Taurus. >> > Currently in San Diego, CA. Sailing bound for Europe via Panama Canal >> > after >> > completing engineroom refit. >> > >> > -- >> > PHP General Mailing List (http://www.php.net/) >> > To unsubscribe, visit: http://www.php.net/unsub.php >> > >> > i recommend you change php.ini and make the extensions folder e:\php\ >> >> or whatever you use, it would probably fix the problem > > oh and also check spelling and if windows has read/write/execute >permissions make sure there is proper persmissions I have tried placing the php.ini file in \windows and \windows\system32 and tried it in both places to no avail. All the other extensions load fine - the problem seems to be peculiar to these two. The spelling is fine... david -- 40 yrs navigating and computing in blue waters. English Owner & Captain of British Registered 60' bluewater Ketch S/V Taurus. Currently in San Diego, CA. Sailing bound for Europe via Panama Canal after completing engineroom refit. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP 5 start up issue
On 11/5/05, Unknown Unknown <[EMAIL PROTECTED]> wrote: > > > > On 11/4/05, Vizion <[EMAIL PROTECTED]> wrote: > > > > php 5 on windows xp with apache 2 and mysql 5. > > > > Php start up unable to load dynamic library: > > E:\php\ext\php_bz2.dll with error 'The specified module could not be > > found' > > same for and php_yaz.dll > > I have php5ts.dll in both E:\php\ and E:\php\ext > > > > I had a similar problem for php_mcrypt which was solved by installing > > libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the > > > > problems with these two. > > > > I tried copying versions of yaz.dll and php_yaz.dll from > > http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php > > 5 > > because those versions seemed to be looking for php4ts.dll rather than > > php5ts.dll so I seemed to have got stumped. > > > > Can anyone help out? > > > > Thanks in advance > > > > david > > > > > > > > -- > > 40 yrs navigating and computing in blue waters. > > English Owner & Captain of British Registered 60' bluewater Ketch S/V > > Taurus. > > Currently in San Diego, CA. Sailing bound for Europe via Panama Canal > > after > > completing engineroom refit. > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > i recommend you change php.ini and make the extensions folder e:\php\ > or whatever you use, it would probably fix the problem > oh and also check spelling and if windows has read/write/execute permissions make sure there is proper persmissions
Re: [PHP] PGP 5 start up issue
On 11/4/05, Vizion <[EMAIL PROTECTED]> wrote: > > php 5 on windows xp with apache 2 and mysql 5. > > Php start up unable to load dynamic library: > E:\php\ext\php_bz2.dll with error 'The specified module could not be > found' > same for and php_yaz.dll > I have php5ts.dll in both E:\php\ and E:\php\ext > > I had a similar problem for php_mcrypt which was solved by installing > libmcrypt.dll in E:\windows\system32 but I just cannot seem to solve the > problems with these two. > > I tried copying versions of yaz.dll and php_yaz.dll from > http://www.indexdata.dk/phpyaz but to no avail. That only screwed up php 5 > because those versions seemed to be looking for php4ts.dll rather than > php5ts.dll so I seemed to have got stumped. > > Can anyone help out? > > Thanks in advance > > david > > > > -- > 40 yrs navigating and computing in blue waters. > English Owner & Captain of British Registered 60' bluewater Ketch S/V > Taurus. > Currently in San Diego, CA. Sailing bound for Europe via Panama Canal > after > completing engineroom refit. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > i recommend you change php.ini and make the extensions folder e:\php\ or whatever you use, it would probably fix the problem
Re: [PHP] pgp form handler will not display data
Jack -- [Aha ... I see that you provide the calling URL in this post, which explains the near-duplication. One question answered; a million to go!] ...and then Jack E. Wasserstein, DDS, Inc. said... % % There must be something obvious that I am missing but I cant get the php ... % % output from % % patreferhandler.php?%24referringdr=sample+person&[EMAIL PROTECTED] % .com&dateofreferral=12%2F03%2F03&pfirst=clientfirst&plast=clientlast&telepho % ne=555-&imageupload=&Submit=Submit While it looks like dateofreferral, pfirst, plast, telephone, Submit should work, I don't at all trust the %24 nistead of & at the beginning of the URL; it's probably turned off your input parsing. Fix that and try again and let us know what you get. HTH & HAND & Happy Holidays :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] PGP and PHP together???
Jason, et al -- ...and then Jason Sheets said... % % There is a PHP extension named GPGext for PHP, it uses the gnupg made % easy library to make gpg functions available to PHP without executing % external programs. Way cool! I'm not suprised, but I hadn't heard of it before. Can't wait to see what functions it offers. % % It is available at: http://www.sourceforge.net/projects/gpgext/ Thanks a *bunch* for the link. I'll very eagerly surf over! % % Jason Thanks & HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg96736/pgp0.pgp Description: PGP signature
Re: [PHP] PGP and PHP together???
There is a PHP extension named GPGext for PHP, it uses the gnupg made easy library to make gpg functions available to PHP without executing external programs. It is available at: http://www.sourceforge.net/projects/gpgext/ Jason On Wed, 2003-02-12 at 20:34, David T-G wrote: > Mike -- > > ...and then MIKE YRABEDRA said... > % > % Is it possible to use php and pgp together? Are there any good tutorials out > % there? > > It's absolutely possible. What do you want to do? The only thing that > most people find a little tricky is that you have to think as the web > server and not as yourself, so the web server has to be able to find the > keys and such. > > I don't know of any tutorials in particular but it's like calling any > other external program. It might be fun to have some pgp/gpg functions > built into a class, but I'm not clever enough to write that [yet ;-] > > > HTH & HAND > > :-D > -- > David T-G * There is too much animal courage in > (play) [EMAIL PROTECTED] * society and not sufficient moral courage. > (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" > http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP and PHP together???
Mike -- ...and then MIKE YRABEDRA said... % % Is it possible to use php and pgp together? Are there any good tutorials out % there? It's absolutely possible. What do you want to do? The only thing that most people find a little tricky is that you have to think as the web server and not as yourself, so the web server has to be able to find the keys and such. I don't know of any tutorials in particular but it's like calling any other external program. It might be fun to have some pgp/gpg functions built into a class, but I'm not clever enough to write that [yet ;-] HTH & HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg96734/pgp0.pgp Description: PGP signature
Re: [PHP] PGP/PHP
There is actually a gpg PHP module available that makes gpg easy functions available to PHP so you do not need to execute command line programs on plain text files. Remember if you write your data to a plain text file it will temporarily be vunerable to interception by anyone with read access to the file on your web server. With PHP that means at least: the administrators of the machine and any other user on the web server or PHP script being run. There module is available at http://sourceforge.net/projects/gpgext/, here is the description: GPGext is a extension (module) for PHP, written in C, to support GPG manipulation. It use the GPG Made Easy library, and ports all of its functions to PHP, including generating, listing, exporting, and importing of keys, and encrypting and decrypting data. An GUI created with PHP-Gtk is also included to show how this extension works. PHP examples and documentation are also included. Of course a plain text command line solution may be easier to implement however I would avoid implementing that one myself unless you have a high trust level of the server and know the time between writing the file out, encrypting it and wiping it will be small. Jason On Mon, 2002-12-16 at 03:57, David T-G wrote: > Jonathan -- > > ...and then Jonathan said... > % > % I have necessary PGP client software on my machine and have tested the > % functionality of PGP from my site, however, I want to know how to use > % PHP to send a PGP email. > > 1) Do you know how to use pgp to encrypt and decrypt a file? > > 2) Do you know how pgp is used by a mail user agent to encrypt a mail > message? > > > % > % This is the scenario, > % > % I have a shopping cart which directs to SSL, then while in SSL, the > % customer will input their information, including credit card info. > > OK. > > In general, you send a mail message to someone with the mail() function, > and many people choose to predefine their headers, recipient, and content. > To wit: > > [From the manual:] > mail > (PHP 3, PHP 4 ) > mail -- send mail > Description > bool mail ( string to, string subject, string message [, string > additional_headers [, string additional_parameters]]) > > and > >$to = "[EMAIL PROTECTED]" ; > $subject = "this is a message" ; > $headers = "From: [EMAIL PROTECTED]\nX-Stuff: another header\n" ; > $body = "This is my message body.\n\nThere; that was fun.\n" ; > mail($to,$subject,$message,$headers) ; > ?> > > All you have to do is encrypt your message body and then paste that into > this example as $body. You could do it either by capturing $body or just > doing an inline replacement. To wit: > > bash-2.05a$ echo "this is text" \ > | gpg --encrypt --armor --recipient 7B9F4700 \ > | gpg --armor --decrypt > > You need a passphrase to unlock the secret key for > user: "David T-G <[EMAIL PROTECTED]>" > 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 (main key ID > 7B9F4700) > > gpg: encrypted with 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 > "David T-G <[EMAIL PROTECTED]>" > this is text > > Of course, leaving off the decrypt side will spit out a lovely encrypted > text block -- but that takes up more lines to demo :-) > > > % > % I want to show a receipt, (no cc #'s of course) and send the order to an > % administrator of the site using PGP after all the information has been > % gathered and send it from SSL. The site's admin will be able decrypt the > % information using the client software. > > So the site's admin will get a encrypted mail message, right? What's > this about no cc number -- you won't print one on the receipt, or you > won't give one to the admin, or the receipt without the number is what > the admin gets? > > > % > % > % Thanks in advance. > > HTH & HAND > > > :-D > -- > David T-G * There is too much animal courage in > (play) [EMAIL PROTECTED] * society and not sufficient moral courage. > (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" > http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP/PHP
Jonathan -- ...and then Jonathan said... % % I have necessary PGP client software on my machine and have tested the % functionality of PGP from my site, however, I want to know how to use % PHP to send a PGP email. 1) Do you know how to use pgp to encrypt and decrypt a file? 2) Do you know how pgp is used by a mail user agent to encrypt a mail message? % % This is the scenario, % % I have a shopping cart which directs to SSL, then while in SSL, the % customer will input their information, including credit card info. OK. In general, you send a mail message to someone with the mail() function, and many people choose to predefine their headers, recipient, and content. To wit: [From the manual:] mail (PHP 3, PHP 4 ) mail -- send mail Description bool mail ( string to, string subject, string message [, string additional_headers [, string additional_parameters]]) and All you have to do is encrypt your message body and then paste that into this example as $body. You could do it either by capturing $body or just doing an inline replacement. To wit: bash-2.05a$ echo "this is text" \ | gpg --encrypt --armor --recipient 7B9F4700 \ | gpg --armor --decrypt You need a passphrase to unlock the secret key for user: "David T-G <[EMAIL PROTECTED]>" 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 (main key ID 7B9F4700) gpg: encrypted with 2048-bit ELG-E key, ID 1AEFE05A, created 2001-12-16 "David T-G <[EMAIL PROTECTED]>" this is text Of course, leaving off the decrypt side will spit out a lovely encrypted text block -- but that takes up more lines to demo :-) % % I want to show a receipt, (no cc #'s of course) and send the order to an % administrator of the site using PGP after all the information has been % gathered and send it from SSL. The site's admin will be able decrypt the % information using the client software. So the site's admin will get a encrypted mail message, right? What's this about no cc number -- you won't print one on the receipt, or you won't give one to the admin, or the receipt without the number is what the admin gets? % % % Thanks in advance. HTH & HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://www.justpickone.org/davidtg/Shpx gur Pbzzhavpngvbaf Qrprapl Npg! msg89713/pgp0.pgp Description: PGP signature
[PHP] Re: PHP & PGP
Hello, On 05/22/2002 01:43 PM, Boaz Yahav wrote: > Hi > > I need to encrypt some fields in my mysql database. > I need to ask a user for a pass when he enters the data, encrypt it and show him the >data only if he enters > the pass again. > > I know that pgp has a module that works with passwords instead of keys. I never >tried this on Linux though. I don't know if this solves your problem, but have you tried this? http://www.phpclasses.org/pgp -- Regards, Manuel Lemos -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP
>On Sun, 28 Apr 2002, Richard Lynch wrote:
>>>On Sat, 27 Apr 2002, Richard Lynch wrote:
$test = escapeshellarg($cleartext);
exec("cat $test | /usr/bin/pgpe -a -t -f -r '[EMAIL PROTECTED]'
. . .
^Kb^Estdin^H^@^@^@
>>>
>>>$cleartext is the actual text? What if you used 'echo' instead of 'cat'?
>>>
>>>miguel
>>
>> D'oh!
>>
>> Different output, for sure, but still nothing decodable into the original...
>
>Maybe cat's bugging on the line breaks (if any) in $cleartext. You might
>try, for starters, dumping the message into a temp file and passing that
>through pgpe...
TIPS for the archives, in case I die before I figure this out completely:
1. You may or may not need to use putenv("PGPPATH=/home/yourusername/.pgp");
2. If you are going to use --pubring and --secring, note that the
filename extension for SECRING is .skr, not .pkr D'oh!
3. When you copy&paste from your browser to the SSH session where you
can use pgpv to decode your message, the newlines are critical to get
*EXACTLY* right, including the extra one after the "Message ID:
" line that was getting lost in my copy/paste
4. It may have been significant that I tried re-ordering the args to
pgpv the way they are in man:
pgpv -r [EMAIL PROTECTED] -atfz
--pubring=/home/.../.pgp/pubring.pkr
--secring=/home/.../.pgp/secring.skr
Or, maybe not.
5. I am also using addslashes() which might or might not be helping
with the newlines... Again, not sure that was the critical thing.
#3 was the last thing that made the big difference.
I still haven't gotten popen to work, but at least I can do it with
exec now, if nothing else. Yes, that's *NOT* good for security, but
I'm getting closer to the correct solution.
--
Got Music? http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP
On Sat, 27 Apr 2002, Richard Lynch wrote:
> $test = escapeshellarg($cleartext);
> exec("cat $test | /usr/bin/pgpe -a -t -f -r '[EMAIL PROTECTED]'
> . . .
> ^Kb^Estdin^H^@^@^@
$cleartext is the actual text? What if you used 'echo' instead of 'cat'?
miguel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PGP --> PHP
* J.Mueller, pro.vider.de GmbH ([EMAIL PROTECTED]) [Dec 22. 2001 10:03]:
> Hello Everybody,
Hiya.
> we have a problem to implement a PGP-function into
> a PHP-Script. PHP 4.0.6 as CGI, Apache 1.3.11, FeeBSD 4.2
> a)
> PGP from the command line works:
> % pgps -ato test.sig test.txt -z passphrase
> b)
> Calling a little PHP Script
> $kommando = "/usr/local/bin/pgps -ato test.sig test.txt -z passphrase";
> exec("$kommando",$antwort);
> to do so, also everything works fine:
> % virtual /usr/local/bin/php /etc/test-pgp.php
> Creating output file test.sig
> X-Powered-By: PHP/4.0.6
> Content-type: text/html
> c)
> But when we use this very same PHP-code within a script, and call this
> script through the web, it's not working anymore and the error_log
> says
> Cannot open configuration file pgp.cfg
> Cannot open secret keyring "secring.skr"
> Cannot open public keyring "pubring.pkr"
> Why is that and can this problem be solved ?
This happens because when you run this from the shell, it's picking up
your environment. Apache has a completely different environment.
You need to create a dummy keyring for Apache's user in the location
this may provide:
Home is: ' . $effective_user['dir'];
?>
Or you can use putenv() to make apache temporarily use another $HOME
that has the correct keyrings.
YMMV
--
Brian Clark | Avoiding the general public since 1805!
Fingerprint: 07CE FA37 8DF6 A109 8119 076B B5A2 E5FB E4D0 C7C8
I think you need to flash your brain's firmware.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP with MySQL
Jeff Oien wrote: >> Jeff wrote: >> >>> I am trying to find the maximum security for storing credit card >>> numbers. >>> >>> >From reading the archives someone mentioned using a PGP based encryption >>> to encrypt the credit card number and store it into the database, and >>> have the company that is processing the order have the decryption key on >>> the their computer. >>> >>> Any comments or different ideas on this system? >> > > (I'm a different Jeff) I searched through the archives and couldn't find > your message. I'm interested in this also. The PHP PGP tutorials > all deal with sending e-mail using PGP. I would like to be able to do > this on the server to retrieve information from the server. > Jeff Oien Sorry for the confusion, but I actually was using gnuPG (the principles are the same) my mistake :-) Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] PGP with MySQL
> Jeff wrote: > > > I am trying to find the maximum security for storing credit card > > numbers. > > > > >From reading the archives someone mentioned using a PGP based encryption > > to encrypt the credit card number and store it into the database, and > > have the company that is processing the order have the decryption key on > > the their computer. > > > > Any comments or different ideas on this system? > > Jeff, > > search of the php-general list archives for 'PGP' as I have been through > this one and there are a few concerning issues. > > Regards, > > Joseph (I'm a different Jeff) I searched through the archives and couldn't find your message. I'm interested in this also. The PHP PGP tutorials all deal with sending e-mail using PGP. I would like to be able to do this on the server to retrieve information from the server. Jeff Oien -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP with MySQL
Jeff wrote: > I am trying to find the maximum security for storing credit card > numbers. > > >From reading the archives someone mentioned using a PGP based encryption > to encrypt the credit card number and store it into the database, and > have the company that is processing the order have the decryption key on > the their computer. > > Any comments or different ideas on this system? Jeff, search of the php-general list archives for 'PGP' as I have been through this one and there are a few concerning issues. Regards, Joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] pgp text formatting
> // then I place the message that is to be encrypted in a file
>
> $fp = fopen("plaintxt", "w+");
This won't scale up too well... You would be better off to use pipe (|) to
shove it to the PGP program. Actually, that's still not such a hot idea...
Anybody who can do "ps aux" could catch the occasional credit card that
way. Use popen instead of system. OTOH, if you are using SSL, as you
should for this, and there exists a user with a login who can do "ps" that
you don't inherently trust, you're already in deeper trouble than system()
versus popen()... Still, better safe than sorry, and popen won't be that
much harder than system()
> fputs($fp, $msg);
This adds a line break at the end, though.
And it maybe "escapes" the embedded newlines on the assumption that you
intend to use fgets()to read the "line" back in. Also, if you have
MagicQuotes Whatsit turned on (not GPC, the other one) that will also maybe
attempt to add backslashes to the data.
Use fwrite to get *exactly* what you put in, and make sure php.ini doesn't
have the second MagicQuotes thingie turned on.
I've never turned it on, so don't remember what it's called. Magic Quotes
Runtime? Yeah, that's it...
> // fyi ... if at this point, if I were to open the file plaintxt
> // all of my line breaks would still be there
Plus an extra one at the end. :-)
> // next I encrypt the data and write it to a file called crypted
>
> system("/usr/local/bin/pgpe -r [EMAIL PROTECTED] -o crypted -a
> plaintxt");
>
> unlink("plaintxt");
>
> // now ... if at this point I were to open the file crypted and decrypt
> it
> // I would get my message in a long line with squares where every break
> should be
If all else fails, fopen that and read it char by char printing out the
ASCII codes of any non-alphabetic chars and figure out what those little
squares are. Your text editor shows all sorts of unprintable characters as
little squares. You need to figure out which character it actually is.
(Or get a better editor that will tell you, or find out how to make your
editor tell you.)
> // here's the method I use to get this crypted data added to my log file
>
> $fd = fopen("crypted", "r");
>
> $msg_crypted = fread($fd, filesize("crypted"));
>
> fclose($fd);
>
> unlink("crypted");
>
> $order_log = fopen("order_log", "a");
>
> fwrite($order_log, $msg_crypted);
>
> fclose($order_log);
>
> So, if anyone can help me figure out a way to keep these line breaks in
> place all the way through to decryption, I would be VERY appreciative.
> I know this is possible ... because, if I take the same message from my
> code and place it in a text editor ... encrypt and decrypt it using my
> desktop PGP software ... all of the line breaks remain intact.
--
Visit the Zend Store at http://www.zend.com/store/
Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm
Volunteer a little time: http://chatmusic.com/volunteer.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] PGP
You should find this useful :) http://www.phpuk.org/code.php All the best Ade --- i n o v i c a . c o m e: [EMAIL PROTECTED] w: http://www.inovica.com Web Apps, virtual communities and vertical portals Hosting and dedicated servers just around the corner Contact us for low-cost domain name registration - Original Message - From: "Martin Thoma" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, February 02, 2001 8:43 AM Subject: [PHP] PGP > Hello ! > > I want to send a PGP-encrypted EMail out of a php-script. I'm a very > newbee in PGP and actual know nothing. Could someone please give me some > hints how to do it ? > > Regards > > Martin > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
