I'm doing a lot of PHP scripting at work right now involving cookies, sessions, MySQL and encryption. Thought I'd post the links and a few lines of code that are most useful to me at this moment. (This will probably only make sense to hard-core PHPers.)
O'Reilly's Session Tutorial
Using this API, a sample of two-way encryption using HCEMD5:
$string = "encrypt this string";
srand((double)microtime()*32767);
$rand = rand(1, 32767);
$rand = pack('i*', $rand);
$key = "fuzzy wuzzy wuz a bear"; //encryption key
$hcemd5 = new HCEMD5 ($key, $rand);
$encryptedstring = $hcemd5->encrypt($string);
To decrypt:
$decryptedstring = $hcemd5->decrypt($encryptedstring);
HCEMD5 may not be a part of the default PHP install – I'm not sure. I know that M_Crypt needs to be a separate install… (they talk about it a little in the next bookmark)
O'Reilly's tutorial on one way encryption
Sample connection to a database:
@ $db = mysql_pconnect("url", "mysql_username", "mysql_password"); // @ suppresses the connection warning
mysql_select_db("database_name");
// Escape the username for the connection's character set before it goes into the query.
// md5() matches the unsalted hashes this table stores, which is weak for password storage.
$query = sprintf("SELECT * FROM contact WHERE Username='%s' AND Password='%s';", mysql_real_escape_string($_REQUEST["username"], $db), md5($_REQUEST["password"]));
$result = mysql_query($query);
$num_results = mysql_num_rows($result); // returns the number of rows returned
if ($num_results > 0) {
    $row = mysql_fetch_array($result);
    /* Each time this is called, it returns the next row in the result set. A "pointer" keeps track of the last row that was returned; when you call it again, it returns the row and moves the pointer. (my "newbie explanation" for how that works) */
    // Escape the username before echoing it back into HTML.
    $feedback = "<p>Welcome, ".htmlspecialchars($_REQUEST['username'], ENT_QUOTES)."!</p>";
}
(If track_vars is turned off (which is better from a security standpoint), then you need to call variables sent in a form using $_REQUEST['variable_name'].)
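The same login check in current PHP, as an added example that is not the original post's code (the mysql_* functions were removed in PHP 7.0): PDO placeholders replace the string-built query, password_hash()/password_verify() replace md5(), and the username is escaped before it is echoed. The in-memory SQLite database, the alice account and the function names are constructed so the script runs on its own; it assumes the pdo_sqlite extension.

```php
<?php
// Added example, not the original post's code. Table and column names follow
// the post's query; the SQLite database and the account are constructed.
declare(strict_types=1);

function open_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE contact (Username TEXT PRIMARY KEY, Password TEXT NOT NULL)');
    // Store a salted, deliberately slow hash instead of md5($password).
    $insert = $db->prepare('INSERT INTO contact (Username, Password) VALUES (?, ?)');
    $insert->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $db;
}

// Returns true only when the user exists and the password matches the stored hash.
function check_login(PDO $db, string $username, string $password): bool
{
    // Placeholders keep user input out of the SQL text entirely.
    $stmt = $db->prepare('SELECT Password FROM contact WHERE Username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn(); // false when no row matched
    return is_string($hash) && password_verify($password, $hash);
}

// Escape at output time so a username containing markup is shown as text.
function welcome(string $username): string
{
    return '<p>Welcome, ' . htmlspecialchars($username, ENT_QUOTES, 'UTF-8') . '!</p>';
}

$db = open_demo_db();
// Constructed inputs: a valid login, a wrong password, and a username
// containing a quote and markup, which is treated as plain data throughout.
$attempts = [
    ['alice', 'correct horse'],
    ['alice', 'wrong password'],
    ["<b>o'neil</b>", 'anything'],
];
foreach ($attempts as [$user, $pass]) {
    echo check_login($db, $user, $pass)
        ? welcome($user) . "\n"
        : 'Login failed for ' . htmlspecialchars($user, ENT_QUOTES, 'UTF-8') . "\n";
}
```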
Web Developers (virtual library) tutorial about sessions and security