php-general Digest 1 Jan 2011 00:09:58 -0000 Issue 7110
Topics (messages 310418 through 310438):
Re: Do you trim() usernames and passwords?
310418 by: Nathan Rixham
Re: Regex for telephone numbers
310419 by: Nathan Rixham
310420 by: Ethan Rosenberg
310422 by: [email protected]
310423 by: Ethan Rosenberg
310426 by: Nathan Rixham
310427 by: Al
310428 by: [email protected]
310429 by: Al
310430 by: Per Jessen
310431 by: Per Jessen
310432 by: Daniel P. Brown
310434 by: Dmitriy Ugnichenko
310435 by: Daniel Brown
310436 by: Steve Staples
310438 by: Jim Lucas
Job Search
310421 by: Ethan Rosenberg
310424 by: Daniel Brown
310425 by: Greg Bair
Re: goto - My comments
310433 by: Govinda
Re: memory usage/release & GC
310437 by: Tommy Pham
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
Tamara Temple wrote:
Sorry, I was mislead by your use of the phrase "Users should not be
copy-pasting passwords or usernames" above. I'd love to hear what you
think is an alternative to identifying with web app that keeps track of
information about someone that is more secure.
client side ssl certificates, they force http+tls (thus encryption over
the wire and no chance of middleman attacks) and no usernames or
passwords need to be passed, as you identify people by the public key
held in their certificate, the TLS process ensures they have the private
key.
--- End Message ---
--- Begin Message ---
Ethan Rosenberg wrote:
FYI [to all the list] -- I thank all for their input. I only needed US
phones, and I am forcing the user of the form to conform to xxx-xxx-xxxx
as the input format.
out of interest, why are you forcing you're users to conform to that
input format? you could simply strip all non-numeric chars then format
how you like to save, thus giving users a looser, more friendly, experience.
--- End Message ---
--- Begin Message ---
At 07:11 AM 12/31/2010, Nathan Rixham wrote:
Ethan Rosenberg wrote:
FYI [to all the list] -- I thank all for their input. I only
needed US phones, and I am forcing the user of the form to conform
to xxx-xxx-xxxx as the input format.
out of interest, why are you forcing you're users to conform to that
input format? you could simply strip all non-numeric chars then
format how you like to save, thus giving users a looser, more
friendly, experience.
+++++++++
Nathan -
This expression will be used to search a database which will contain
patient data resulting from medical research. At the initial visit a
medical record number will be assigned to the patient. Other
information will be collected at that point; eg, the telephone
number. At subsequent visits, the patient will be referenced by
his/hers medical record number. If the patient either forgot their
clinic card, or cannot remember their medical record number, a search
will be performed. One of the many parameters that can be used in
the search is the phone number. It is easier if all the data has a
fixed format. The form for the initial visit will use a regex that
will validate the phone number. As the research will be performed in
the US, only US numbers have to be validated.
Hope this helps.
Ethan
--- End Message ---
--- Begin Message ---
Sorry for top-post, on phone.
What about mobile phone numbers (cell phones you call them in the US) do they
conform to the same format? I know there have been times myself when I've been
without a landline number leaving me with only my mobile as a means of contact.
Thanks,
Ash
http://www.ashleysheridan.co.uk
----- Reply message -----
From: "Ethan Rosenberg" <[email protected]>
Date: Fri, Dec 31, 2010 14:03
Subject: [PHP] Regex for telephone numbers
To: "Nathan Rixham" <[email protected]>
Cc: "[email protected]" <[email protected]>
At 07:11 AM 12/31/2010, Nathan Rixham wrote:
>Ethan Rosenberg wrote:
>>FYI [to all the list] -- I thank all for their input. I only
>>needed US phones, and I am forcing the user of the form to conform
>>to xxx-xxx-xxxx as the input format.
>
>out of interest, why are you forcing you're users to conform to that
>input format? you could simply strip all non-numeric chars then
>format how you like to save, thus giving users a looser, more
>friendly, experience.
+++++++++
Nathan -
This expression will be used to search a database which will contain
patient data resulting from medical research. At the initial visit a
medical record number will be assigned to the patient. Other
information will be collected at that point; eg, the telephone
number. At subsequent visits, the patient will be referenced by
his/hers medical record number. If the patient either forgot their
clinic card, or cannot remember their medical record number, a search
will be performed. One of the many parameters that can be used in
the search is the phone number. It is easier if all the data has a
fixed format. The form for the initial visit will use a regex that
will validate the phone number. As the research will be performed in
the US, only US numbers have to be validated.
Hope this helps.
Ethan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
At 09:27 AM 12/31/2010, [email protected] wrote:
Sorry for top-post, on phone.
What about mobile phone numbers (cell phones you call them in the
US) do they conform to the same format? I know there have been times
myself when I've been without a landline number leaving me with only
my mobile as a means of contact.
Thanks,
Ash
<http://www.ashleysheridan.co.uk>http://www.ashleysheridan.co.uk
----- Reply message -----
From: "Ethan Rosenberg" <[email protected]>
Date: Fri, Dec 31, 2010 14:03
Subject: [PHP] Regex for telephone numbers
To: "Nathan Rixham" <[email protected]>
Cc: "[email protected]" <[email protected]>
At 07:11 AM 12/31/2010, Nathan Rixham wrote:
>Ethan Rosenberg wrote:
>>FYI [to all the list] -- I thank all for their input. I only
>>needed US phones, and I am forcing the user of the form to conform
>>to xxx-xxx-xxxx as the input format.
>
>out of interest, why are you forcing you're users to conform to that
>input format? you could simply strip all non-numeric chars then
>format how you like to save, thus giving users a looser, more
>friendly, experience.
+++++++++
Nathan -
This expression will be used to search a database which will contain
patient data resulting from medical research. At the initial visit a
medical record number will be assigned to the patient. Other
information will be collected at that point; eg, the telephone
number. At subsequent visits, the patient will be referenced by
his/hers medical record number. If the patient either forgot their
clinic card, or cannot remember their medical record number, a search
will be performed. One of the many parameters that can be used in
the search is the phone number. It is easier if all the data has a
fixed format. The form for the initial visit will use a regex that
will validate the phone number. As the research will be performed in
the US, only US numbers have to be validated.
Hope this helps.
Ethan
--
PHP General Mailing List (<http://www.php.net/)>http://www.php.net/)
To unsubscribe, visit:
<http://www.php.net/unsub.php>http://www.php.net/unsub.php
Ash -
In contrast to some non-US phone numbers, all the numbers here [cell
and landline] have the same format.
Ethan
--- End Message ---
--- Begin Message ---
Ethan Rosenberg wrote:
At 07:11 AM 12/31/2010, Nathan Rixham wrote:
Ethan Rosenberg wrote:
FYI [to all the list] -- I thank all for their input. I only needed
US phones, and I am forcing the user of the form to conform to
xxx-xxx-xxxx as the input format.
out of interest, why are you forcing you're users to conform to that
input format? you could simply strip all non-numeric chars then format
how you like to save, thus giving users a looser, more friendly,
experience.
+++++++++
Nathan -
This expression will be used to search a database which will contain
patient data resulting from medical research. At the initial visit a
medical record number will be assigned to the patient. Other
information will be collected at that point; eg, the telephone number.
At subsequent visits, the patient will be referenced by his/hers medical
record number. If the patient either forgot their clinic card, or
cannot remember their medical record number, a search will be
performed. One of the many parameters that can be used in the search is
the phone number. It is easier if all the data has a fixed format. The
form for the initial visit will use a regex that will validate the
phone number. As the research will be performed in the US, only US
numbers have to be validated.
Ethan,
I think you misunderstand, I'm saying that regardless of which format
you use within the system, users could enter phone numbers as
"1231231234" "123 123 1234" "123-123 1234" or any variant they like,
that's completely orthogonal to how you validate and save the data, in
all of those cases all you need to do string non-numeric chars to
validate, you may also find your indexes work that bit quicker storing
numbers rather than specially (and needlessly) formatted string.
Likewise on the way back out, when presenting the numbers to users, all
you need to do is string format them.
Follow?
--- End Message ---
--- Begin Message ---
On 12/29/2010 7:12 PM, Ethan Rosenberg wrote:
Dear List -
Thank you for all your help in the past.
Here is another one....
I would like to have a regex which would validate that a telephone number is
in the format xxx-xxx-xxxx.
Thanks.
Ethan
MySQL 5.1 PHP 5 Linux [Debian (sid)]
Regex is over-kill.
$phoneNum = preg_replace("%\D%", '', $phoneNum);//Remove everything except
digits
$phoneNum = ltrim($phoneNum,'1');//Remove leading 1s
if(strlen($phoneValue) != 10)
{
throw new Exception("Phone number must be 10 digits, without leading a 1. Check
your entry carefull");
}
--- End Message ---
--- Begin Message ---
Erm, you say regex is overkill, then use one in your example!
Thanks,
Ash
http://www.ashleysheridan.co.uk
----- Reply message -----
From: "Al" <[email protected]>
Date: Fri, Dec 31, 2010 15:53
Subject: [PHP] Re: Regex for telephone numbers
To: <[email protected]>, <[email protected]>
On 12/29/2010 7:12 PM, Ethan Rosenberg wrote:
> Dear List -
>
> Thank you for all your help in the past.
>
> Here is another one....
>
> I would like to have a regex which would validate that a telephone number is
> in the format xxx-xxx-xxxx.
>
> Thanks.
>
> Ethan
>
> MySQL 5.1 PHP 5 Linux [Debian (sid)]
>
Regex is over-kill.
$phoneNum = preg_replace("%\D%", '', $phoneNum);//Remove everything except
digits
$phoneNum = ltrim($phoneNum,'1');//Remove leading 1s
if(strlen($phoneValue) != 10)
{
throw new Exception("Phone number must be 10 digits, without leading a 1. Check
your entry carefull");
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
On 12/31/2010 11:10 AM, [email protected] wrote:
Erm, you say regex is overkill, then use one in your example!
Thanks,
Ash
http://www.ashleysheridan.co.uk
----- Reply message -----
From: "Al"<[email protected]>
Date: Fri, Dec 31, 2010 15:53
Subject: [PHP] Re: Regex for telephone numbers
To:<[email protected]>,<[email protected]>
On 12/29/2010 7:12 PM, Ethan Rosenberg wrote:
Dear List -
Thank you for all your help in the past.
Here is another one....
I would like to have a regex which would validate that a telephone number is
in the format xxx-xxx-xxxx.
Thanks.
Ethan
MySQL 5.1 PHP 5 Linux [Debian (sid)]
Regex is over-kill.
$phoneNum = preg_replace("%\D%", '', $phoneNum);//Remove everything except
digits
$phoneNum = ltrim($phoneNum,'1');//Remove leading 1s
if(strlen($phoneValue) != 10)
{
throw new Exception("Phone number must be 10 digits, without leading a 1. Check
your entry carefull");
}
Save and use the resultant $phoneNum; It is all that needs to be saved and used.
Dashes, spaces and () are superfluous. Only the 10 digits are required for his
application.
--- End Message ---
--- Begin Message ---
[email protected] wrote:
> Sorry for top-post, on phone.
>
> What about mobile phone numbers (cell phones you call them in the US)
> do they conform to the same format?
AFAIK, they too vary from country to country. Swiss mobile numbers are
07[6789] NNNNNNN, the latter usually written as NNN NN NN, but also
often in a way that will help remembering the number.
Danish mobile#s are the same as land line numbers, no area code, just
NNNNNNNN.
--
Per Jessen, Zürich (2.8°C)
--- End Message ---
--- Begin Message ---
Al wrote:
>
>
> On 12/29/2010 7:12 PM, Ethan Rosenberg wrote:
>> Dear List -
>>
>> Thank you for all your help in the past.
>>
>> Here is another one....
>>
>> I would like to have a regex which would validate that a telephone
>> number is in the format xxx-xxx-xxxx.
>>
>> Thanks.
>>
>> Ethan
>>
>> MySQL 5.1 PHP 5 Linux [Debian (sid)]
>>
>
> Regex is over-kill.
You've just used one any way:
> $phoneNum = preg_replace("%\D%", '', $phoneNum);//Remove everything except
> digits
>
> $phoneNum = ltrim($phoneNum,'1');//Remove leading 1s
>
> if(strlen($phoneValue) != 10)
> {
> throw new Exception("Phone number must be 10 digits, without leading a
> 1. Check your entry carefull");
> }
One regex and two function calls when one regex would have sufficed?
--
Per Jessen, Zürich (2.6°C)
--- End Message ---
--- Begin Message ---
On Fri, Dec 31, 2010 at 11:04, Per Jessen <[email protected]> wrote:
>
> AFAIK, they too vary from country to country. Swiss mobile numbers are
> 07[6789] NNNNNNN, the latter usually written as NNN NN NN, but also
> often in a way that will help remembering the number.
> Danish mobile#s are the same as land line numbers, no area code, just
> NNNNNNNN.
In the US and Canada, though, there's [as of yet] no difference
between landline, mobile, VOIP, fax, toll-free, premium (900), et
cetera. Again, that's why I wrote out the example the way I did,
which conforms to NANP (NPA/NXX) standards. It's the only suggestion
so far that will work completely (which sounds cocky, but screw it,
it's the last Friday of the year ;-P).
--
</Daniel P. Brown>
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/
--- End Message ---
--- Begin Message ---
I guess, this will work fine
ereg('[0-9]{3}-[0-9]{3}-[0-9]{4}', $phone_number);
On Thu, Dec 30, 2010 at 2:12 AM, Ethan Rosenberg <[email protected]>wrote:
> Dear List -
>
> Thank you for all your help in the past.
>
> Here is another one....
>
> I would like to have a regex which would validate that a telephone number
> is in the format xxx-xxx-xxxx.
>
> Thanks.
>
> Ethan
>
> MySQL 5.1 PHP 5 Linux [Debian (sid)]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
with best regards,
Dmitriy.
--- End Message ---
--- Begin Message ---
On Fri, Dec 31, 2010 at 12:05, Dmitriy Ugnichenko
<[email protected]> wrote:
> I guess, this will work fine
>
> ereg('[0-9]{3}-[0-9]{3}-[0-9]{4}', $phone_number);
Not quite. Plus, all ereg* functions have been deprecated for
some time now.
--
</Daniel P. Brown>
Network Infrastructure Manager
Documentation, Webmaster Teams
http://www.php.net/
--- End Message ---
--- Begin Message ---
On Wed, 2010-12-29 at 19:35 -0500, Daniel P. Brown wrote:
> On Wed, Dec 29, 2010 at 19:12, Ethan Rosenberg <[email protected]> wrote:
> > Dear List -
> >
> > Thank you for all your help in the past.
> >
> > Here is another one....
> >
> > I would like to have a regex which would validate that a telephone number
> > is in the format xxx-xxx-xxxx.
>
> Congrats. People in Hell would like ice water. Now we all know
> that everyone wants something. ;-P
>
> Really, this isn't a PHP question, but rather one of regular
> expressions. That said, something like this (untested) should work:
>
> <?php
>
> $numbers = array(
> '123-456-7890',
> '2-654-06547',
> 'sf34-asdf-',
> 'abc-def-ghij',
> '555_555_5555',
> '000-000-0000',
> '8007396325',
> '241-555-2091',
> '800-555-0129',
> '900-976-739',
> '5352-342=452',
> '200-200-2000',
> );
>
> foreach ($numbers as $n) {
> echo $n.(validate_phone($n) ? ' is ' : ' is not ').'a valid
> US/Canadian telephone number.'.PHP_EOL;
> }
>
>
> function validate_phone($number) {
>
> if
> (preg_match('/^[2-9]{1,}[0-9]{2,}\-[2-9]{1,}[0-9]{2,}\-[0-9]{4,}$/',trim($number)))
> {
> return true;
> }
>
> return false;
> }
> ?>
>
^^^^ THIS ^^^^
is the regex you want to use... it is the most complete one that has
been posted here, and it works.
--- End Message ---
--- Begin Message ---
On 12/29/2010 4:35 PM, Daniel P. Brown wrote:
> On Wed, Dec 29, 2010 at 19:12, Ethan Rosenberg <[email protected]> wrote:
>> Dear List -
>>
>> Thank you for all your help in the past.
>>
>> Here is another one....
>>
>> I would like to have a regex which would validate that a telephone number
>> is in the format xxx-xxx-xxxx.
>
> Congrats. People in Hell would like ice water. Now we all know
> that everyone wants something. ;-P
>
> Really, this isn't a PHP question, but rather one of regular
> expressions. That said, something like this (untested) should work:
>
> <?php
>
> $numbers = array(
> '123-456-7890',
> '2-654-06547',
> 'sf34-asdf-',
> 'abc-def-ghij',
> '555_555_5555',
> '000-000-0000',
> '8007396325',
> '241-555-2091',
> '800-555-0129',
> '900-976-739',
> '5352-342=452',
> '200-200-2000',
> );
>
> foreach ($numbers as $n) {
> echo $n.(validate_phone($n) ? ' is ' : ' is not ').'a valid
> US/Canadian telephone number.'.PHP_EOL;
> }
>
>
> function validate_phone($number) {
>
> if
> (preg_match('/^[2-9]{1,}[0-9]{2,}\-[2-9]{1,}[0-9]{2,}\-[0-9]{4,}$/',trim($number)))
> {
> return true;
> }
>
> return false;
> }
> ?>
>
>
Actually...
Specified here [1] it says that the {1,} is the same as '+'. I think you should
drop the comma. If you don't this would be valid 844-2345-123456
^[2-9]{1,}[0-9]{2,}\-[2-9]{1,}[0-9]{2,}\-[0-9]{4,}$
should be
^[2-9]{1}[0-9]{2}\-[2-9]{1}[0-9]{2}\-[0-9]{4}$
1 http://us.php.net/manual/en/regexp.reference.repetition.php
Jim Lucas
--- End Message ---
--- Begin Message ---
Dear list -
I am an entry level data base programmer [PHP/MySQL HTTP/CSS] looking
for work in the NY metropolitan area. Any ideas?
Should we have a job search board?
Ethan
--- End Message ---
--- Begin Message ---
On Fri, Dec 31, 2010 at 09:11, Ethan Rosenberg <[email protected]> wrote:
> Dear list -
>
> I am an entry level data base programmer [PHP/MySQL HTTP/CSS] looking for
> work in the NY metropolitan area. Any ideas?
Search Google, but trust me, you're going to need more experience
than entry-level to pick up a job around here, unless you're working
remotely, and for relatively-minimal wage for the industry. I'm out
in Scranton, and even here, when companies hire for someone with
skills in those areas, they want a minimum of 2-4 years.
> Should we have a job search board?
No. Not only would that be reinventing the wheel, but if we did
it, it would be square. Many others can do it much better than we
would have any interest in doing. That said, I'd highly recommend
checking your local CraigsList, in the "Gigs" section, for computer
and web jobs. Sometimes they have some quick one-off ones that can
not only help you build experience, but also start building your
roster of contacts.
--
</Daniel P. Brown>
Network Infrastructure Manager
Documentation, Webmaster Teams
http://www.php.net/
--- End Message ---
--- Begin Message ---
On Fri, 31 Dec 2010 09:11:31 -0500
Ethan Rosenberg <[email protected]> wrote:
> Dear list -
>
> I am an entry level data base programmer [PHP/MySQL HTTP/CSS] looking
> for work in the NY metropolitan area. Any ideas?
>
> Should we have a job search board?
>
> Ethan
phpdeveloper.org has a nice job board at http://jobs.phpdeveloper.org/.
--
Greg Bair
PHP Developer
--- End Message ---
--- Begin Message ---
Would you please look at the code you wrote again. I must have
botched it, because both the age and kitten form still are on the
same page. The age page should appear, the data should be accepted
and then the kitten page should appear.
Ethan
Hi Ethan,
I don't mean to get in between you and Jim (or anyone else here). You
want your page to just work.. and Jim offered you a working solution..
nice!
But my suggestion is to drop that task for a day.. *totally start
over* .. SUPER simple.. See if you can make a *tiny* form appear on a
page and then when submitted show the next form.. etc.. just as you
need the flow to go. Learn the concepts and logic structures involved
to make that happen. If you focus on just this one thing then you
will get it without too much more trouble.. and then you will OWN it
and be able to apply it to your real production task. If you get
stuck while writing your SIMPLE strung-together test forms, then ask
about where you are stuck; what is it exactly that you do not
understand. Just saying, effectively, "It does not work" shows you
are over your head and need to back up and break down the problem into
smaller parts. Don't worry, the smaller parts will prove to be easy,
once actually seen for what they are! My PHP familiarity is not even
20% of what Jim and others here have, but I can and certainly will
help you reach working code, so I guarantee you'll have help, if you
start from the beginning. I'll be here all day today, and back on
monday... to answer your posts.
------------
Govinda
--- End Message ---
--- Begin Message ---
On Fri, Dec 31, 2010 at 2:02 AM, Peter Lind <[email protected]> wrote:
>
> On Dec 31, 2010 6:20 AM, "Tommy Pham" <[email protected]> wrote:
>>
>> Hi folks,
>>
>> With the recent thread about password & security, I wrote a small quick
>> script to generate a random or all possible passwords based on certain
>> parameters for a brute force use. On a very long running execution for a
>> complex password in length with full use of the keys (94 characters),
>> including upper case, the script seems to consumes more memory (shown in
>> Windows task manager) as time progress. Below are snippets from the
>> script
>> file that does the workload:
>>
>> while (!$this->isMax())
>> {
>> for ($b = 0; $b <= $this->pwdLength; $b++)
>> {
>> if ($this->counter[$b] < $this->max)
>> {
>> $this->pwd[$b] =
>> $this->charList[$this->counter[$b]];
>> $this->counter[$b]++;
>> break;
>> }
>> else
>> {
>> $this->counter[$b] = 1;
>> $this->pwd[$b] = $this->charList[0];
>> }
>> }
>> }
>>
>> private function isMax()
>> {
>> for ($a = $this->pwdLength-1; $a>=0; $a--)
>> {
>> if ($this->counter[$a] < $this->max) return false;
>> }
>> return true;
>> }
>>
>> Could someone please tell me why the above code consumes additional memory
>> as time progress for the execution of the while loop? Researching PHP GC
>> on
>> google didn't shed light on problem. Generating all possible combinations
>> for 20 length with 94 possibilities each, the script easily consumes more
>> than 1GB RAM in few minutes. BTW, gc_enabled() reports on.
>>
>> Thanks,
>> Tommy
>>
>>
>
> Are you storing or throwing away the passwords? Also, lots of code is
> missing from that post, no idea if you've got a memory leak in the rest of
> the code
>
> Regards
> Peter
Hi Peter,
Thanks for the reply. After I sent the e-mail last night, I did a
little debugging. As it turns out, xdebug was the culprit. I gotta
remember to disable xdebug while coding... Anyway, here's the full
code. Anyone is welcome to use it.
$timeStart = microtime(true);
//set_time_limit(0);
ini_set('max_execution_time', 0);
ini_set('memory_limit', -1);
class PwdGen
{
const ALPHA_LOWER = 'abcdefghijklmnopqrstuvwxyz';
const ALPHA_UPPER = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
const NUMERIC = '0123456789';
const SPECIALS = '!...@#$%^&*()`~-_=+[]\{}|;:\'",./<>?';
private $chars;
private $charList;
private $max;
private $pwdLength;
private $pwdList; // array
private $pwd;
private $counter; // array
private $insertDb = false;
public function __construct($pwdLength = 8, $useUpper = true,
$useNumeric = true, $useSpecials = true, $insertDb = true, $specials =
'')
{
$this->insertDb = $insertDb;
$this->pwdLength = intval($pwdLength);
$this->chars = self::ALPHA_LOWER;
if ($useUpper) $this->chars .= self::ALPHA_UPPER;
if ($useNumeric) $this->chars .= self::NUMERIC;
if ($useSpecials) $this->chars .= empty($specials) ?
self::SPECIALS
: $specials;
}
private function init()
{
$this->charList = str_split($this->chars, 1);
$this->max = sizeof($this->charList);
$this->pwd = str_split(str_repeat($this->charList[0],
$this->pwdLength), 1);
$this->pwdList = array(); // array
$this->counter = array();
for ($a = 0; $a < $this->pwdLength; $a++)
$this->counter[$a] = 1;
$this->counter[$this->pwdLength-1] = 0;
}
public function setPasswordLength($pwdLength)
{
$this->pwdLength = intval($pwdLength);
}
public function setUseChars($useUpper = true, $useNumeric = true,
$useSpecials = true, $specials = '')
{
$this->chars = self::ALPHA_LOWER;
if ($useUpper) $this->chars .= self::ALPHA_UPPER;
if ($useNumeric) $this->chars .= self::NUMERIC;
if ($useSpecials) $this->chars .= empty($specials) ?
self::SPECIALS
: $specials;
}
public function getRandom()
{
$this->init();
for ($a = 0; $a < $this->pwdLength; $a++)
$this->pwd[$a] = $this->charList[rand(0, $this->max -
1)];
$pwd = implode('', $this->pwd);
$output = $this->max.': '.$this->chars.' ('.pow($this->max,
$this->pwdLength).') '.PHP_EOL.$pwd.PHP_EOL;
return $output;
}
public function getAll($continue = true)
{
$this->init();
$sql = 'INSERT INTO `password`(`guid`, `length`, `password`,
`counter`, `date_added`) VALUES (BinUUID(), '.$this->pwdLength.', ?,
?, now())';
$pwd = '';
$counter = '';
$output = $this->max.': '.$this->chars.' ('.pow($this->max,
$this->pwdLength).')'.PHP_EOL;
if ($this->insertDb)
{
$db = new mysqli('127.0.0.1', 'user', 'pass',
'brute_force');
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n",
mysqli_connect_error());
exit();
}
$stmt = $db->prepare($sql);
if ($stmt === false) {
printf("Prepare failed: %s\n", $db->error);
$stmt->close();
$db->close();
exit();
}
if ($stmt->bind_param('ss', $pwd, $counter) === false)
{
printf("Bind Param failed: %s\n", $stmt->error);
$stmt->close();
$db->close();
exit();
}
}
while (!$this->isMax())
{
for ($b = $this->pwdLength - 1; $b >= 0; $b--)
{
if ($this->counter[$b] < $this->max)
{
$this->pwd[$b] =
$this->charList[$this->counter[$b]];
$this->counter[$b]++;
break;
}
else
{
$this->counter[$b] = 1;
$this->pwd[$b] = $this->charList[0];
}
}
$pwd = implode('', $this->pwd);
// $this->pwdList[] = $pwd;
if ($this->insertDb)
{
//$counter = json_encode($this->counter);
$counter = '[';
for ($c = 0; $c < $this->pwdLength; $c++)
{
$counter .= sprintf('%02d',
$this->counter[$c]);
if ($c+1 < $this->pwdLength) $counter
.= ',';
}
$counter .= ']';
if ($stmt->execute() === false)
{
printf("Execute failed: %s\n",
$stmt->error);
$stmt->close();
$db->close();
exit();
}
}
// $output .= $pwd.' ';
// $output .= implode(':', $this->counter).' ';
// $output .= PHP_EOL;
}
if ($this->insertDb)
{
$stmt->close();
$db->close();
}
return $output;
}
private function isMax()
{
for ($m = 0; $m < $this->pwdLength; $m++)
if ($this->counter[$m] < $this->max) return false;
return true;
}
}
$output = '<pre>';
$pg = new PwdGen();
$dbMax = 25;
if (!empty($_GET['min']) && !empty($_GET['max']))
{
$min = intval($_GET['min']);
$max = intval($_GET['max']);
if ($max > $dbMax) $max = $dbMax;
} else
{
$min = 4;
$max = 5;
}
if (!empty($_GET['get']) && $_GET['get'] == 'all')
{
if (empty($_GET['length']))
{
for ($i = $min; $i <= $max; $i++)
{
$_POST['length'] = $i;
$pg->setPasswordLength($i);
$output .= $pg->getAll();
}
}
else
{
$i = intval($_GET['length']);
$_POST['length'] = $i;
$pg->setPasswordLength($i);
$output .= $pg->getAll();
}
}
else
{
if (empty($_POST['useUpper'])) $useUpper = false;
else $useUpper = true;
if (empty($_POST['useNumeric'])) $useNumeric = false;
else $useNumeric = true;
if (empty($_POST['useSpecials'])) $useSpecials = false;
else $useSpecials = true;
if (empty($_POST['specials'])) $specials = '';
else $specials = trim($_POST['specials']);
$pg->setUseChars($useUpper, $useNumeric, $useSpecials, $specials);
if (!empty($_POST['length']))
$pg->setPasswordLength(intval($_POST['length']));
$output .= $pg->getRandom();
}
$lengthList = 'Length: <select size="1" name="length">';
for ($l = 3; $l <= $dbMax; $l++)
if (!empty($_POST['length']) && $_POST['length'] == $l) $lengthList
.= '<option selected="selected">'.$l.'</option>';
else $lengthList .= '<option>'.$l.'</option>';
$lengthList .= '</select>';
$htmlForm = '<form method="post" enctype="multipart/form-data">'.PHP_EOL;
$htmlForm .= 'Upper case: <input type="checkbox" checked="checked"
name="useUpper" /> '.PHP_EOL;
$htmlForm .= 'Numbers: <input type="checkbox" checked="checked"
name="useNumeric" /> '.PHP_EOL;
$htmlForm .= 'Specials - symbols: <input type="checkbox"
checked="checked" name="useSpecials" /> '.PHP_EOL;
$htmlForm .= 'Custom: <input name="specials" maxlength="30" size="30"
value="'.$specials.'" /> '.PHP_EOL;
$htmlForm .= $lengthList.PHP_EOL;
$htmlForm .= '<input type="submit" value="Get Random" /></form>'.PHP_EOL;
$htmlForm .= '<form method="get"
enctype="application/x-www-form-urlencoded">'.PHP_EOL;
$htmlForm .= '<input name="get" type="hidden" value="all" /> '.PHP_EOL;
$htmlForm .= $lengthList.PHP_EOL;
$htmlForm .= '<input type="submit" value="Get All" /></form>'.PHP_EOL;
$timeEnd = microtime(true);
$timeExec = $timeEnd - $timeStart;
$output .= PHP_EOL.PHP_EOL.getmypid().' executed: '.$timeExec.PHP_EOL.'</pre>';
echo '<html><body>'.$htmlForm.$output.'</body></html>';
Disclaimer: The above code is intended for scientific research.
You're responsible for your action.
Happy New Year!!
Tommy
--- End Message ---
