Guy Bowden wrote:
> On this note - what is considered "best practice" in a - sent to friend
> type thing.
>
> i.e. User inputs their name + message + email + friends email into a
> html/flash form
>
> friend gets a link to read the message.
>
> currently I do this:
>
> 1 collect form input
> 2 create hash using the md5/uniqid method : $hash = md5(uniqid($key));
> 3 input data to database table using the hash as the primary key value
> 4 send email to friend with link containing the hash
> 5 user clicks on link
> 6 hash read in from the $_GET object
> 7 hash used to select message details from DB and displayed to the user
>
> There's never a security issue here - i.e. i don't mind how many times /
> who reads the message, but just want to make it hard to just guess keys
> to read other messages (otherwise it would just be the db id)
>
> This method works for me, but is it the *right* way?

I would also:

Track the sender IP address, and only allow N sends per time period T.
Track the recipient email, and only allow M "To:"s per time period U.

The point being to stop spammers from using your system to spam the world,
or target specific victims.

Is $key the ID in the database?  You may want to consider adding in "more"
randomness with mt_rand() as the manual suggests on the uniqid page -- You
can still keep $key as part of the hash by doing:
md5(uniqid("$key|" . mt_rand(), true))

Certainly sending the md5/uniqid as the only thing exposed is about as
good as you can get for making sure that the other email URLs are
guessable -- You do run the risk that sooner or later your md5/uniqid
hash will "collide" with two emails on the same value.  Easy enough to
check the db and generate another hash if they do collide, so I'd add that
in if you don't have it.  Add a line after your md5(...) call and set
$hash = '42' for testing purpose, then comment it out to go back to
reality.

You could look into the larger bits and longer hashes that would be
"better" but I really don't think that's necessary, imho.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
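The flow discussed in this thread (unguessable link token as the primary key, a collision check on insert, and per-sender-IP / per-recipient rate limits) as one added example. This is editor-supplied code, not code from either poster; it swaps the list's md5(uniqid(...)) for random_bytes(), which exists in PHP 7+, and uses an in-memory SQLite database through PDO so it runs stand-alone. The table, column names, the limits N/T and M/U, and the sample addresses are all illustrative assumptions; it needs PHP 8.0+ for constructor promotion and named arguments.

```php
<?php
// Added example (not from the original thread): "send to a friend" storage with
// an unguessable link token, a retry on token collision, and the sender-IP and
// recipient rate limits suggested in the reply. Runs stand-alone on PHP 8 with
// the pdo_sqlite extension. Table/column names and limits are assumptions.
declare(strict_types=1);

final class FriendMessages
{
    private PDO $db;

    public function __construct(
        private int $maxPerIp = 5,            // N sends per T seconds from one IP
        private int $ipWindow = 3600,         // T
        private int $maxPerRecipient = 3,     // M "To:"s per U seconds to one address
        private int $recipientWindow = 86400  // U
    ) {
        $this->db = new PDO('sqlite::memory:');
        $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // The token is the PRIMARY KEY, so a duplicate insert fails loudly
        // instead of silently overwriting someone else's message.
        $this->db->exec('CREATE TABLE messages (
            hash TEXT PRIMARY KEY,
            sender_ip TEXT NOT NULL,
            sender_name TEXT NOT NULL,
            sender_email TEXT NOT NULL,
            recipient_email TEXT NOT NULL,
            body TEXT NOT NULL,
            created_at INTEGER NOT NULL)');
    }

    /** 128 bits from the CSPRNG, hex-encoded: 32 chars, same width as an md5. */
    private function makeToken(): string
    {
        return bin2hex(random_bytes(16));
    }

    /** $column is one of two internal constants below, never user input. */
    private function countSince(string $column, string $value, int $window, int $now): int
    {
        $stmt = $this->db->prepare(
            "SELECT COUNT(*) FROM messages WHERE $column = :v AND created_at > :since");
        $stmt->execute([':v' => $value, ':since' => $now - $window]);
        return (int) $stmt->fetchColumn();
    }

    /** Returns the token to embed in the e-mailed link, or throws on abuse. */
    public function store(string $ip, string $name, string $from, string $to,
                          string $body, ?int $now = null): string
    {
        $now ??= time();
        if ($this->countSince('sender_ip', $ip, $this->ipWindow, $now) >= $this->maxPerIp) {
            throw new RuntimeException('rate limit: too many sends from this IP');
        }
        if ($this->countSince('recipient_email', $to, $this->recipientWindow, $now)
                >= $this->maxPerRecipient) {
            throw new RuntimeException('rate limit: too many messages to this recipient');
        }
        $insert = $this->db->prepare('INSERT INTO messages
            (hash, sender_ip, sender_name, sender_email, recipient_email, body, created_at)
            VALUES (:h, :ip, :n, :f, :t, :b, :c)');
        // Collision handling: generate a fresh token if the key already exists.
        for ($attempt = 0; $attempt < 5; $attempt++) {
            $hash = $this->makeToken();
            try {
                $insert->execute([':h' => $hash, ':ip' => $ip, ':n' => $name, ':f' => $from,
                                  ':t' => $to, ':b' => $body, ':c' => $now]);
                return $hash;
            } catch (PDOException $e) {
                if ($e->getCode() !== '23000') {   // retry only on a UNIQUE violation
                    throw $e;
                }
            }
        }
        throw new RuntimeException('could not allocate a unique token');
    }

    /** Lookup for the link target; rejects malformed tokens before touching the DB. */
    public function fetch(string $hash): ?array
    {
        if (!preg_match('/^[0-9a-f]{32}$/', $hash)) {
            return null;
        }
        $stmt = $this->db->prepare(
            'SELECT sender_name, sender_email, body FROM messages WHERE hash = :h');
        $stmt->execute([':h' => $hash]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    }
}

// Usage with constructed sample input (addresses and IP are RFC 5737/2606 examples).
$store = new FriendMessages(maxPerIp: 2, ipWindow: 3600, maxPerRecipient: 5);
$t1 = $store->store('198.51.100.7', 'Alice', 'alice@example.com', 'bob@example.com', 'Hi Bob!');
$t2 = $store->store('198.51.100.7', 'Alice', 'alice@example.com', 'bob@example.com', 'Hi again');
var_dump($store->fetch($t1)['body']);
var_dump($store->fetch('42'));      // a hand-set "42" is rejected by the shape check
try {
    $store->store('198.51.100.7', 'Alice', 'alice@example.com', 'carol@example.com', 'third');
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```

Two design points worth noting: the rate limits are enforced by counting rows already in the messages table rather than keeping a separate counter, so they survive a restart and cannot drift from what was actually sent; and the collision retry keys off the SQLSTATE 23000 that pdo_sqlite raises for a constraint violation, so any other database error still propagates instead of being swallowed by the loop.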