18.9.1. ProblemYou want to make sure users don't alter data you've sent them in a cookie or form element. 18.9.2. SolutionAlong with the data, send an MD5 hash of the data that uses a salt. When you receive the data back, compute the MD5 hash of the received value with the same salt. If they don't match, the user has altered the data. Here's how to generate an MD5 hash in a hidden form field: <?php /* Define a salt. */ define('SALT', 'flyingturtle'); $id = 1337; $idcheck = md5(SALT . $id); ?> <input type="hidden" name="id" value="<?php echo $id; ?>" /> <input type="hidden" name="idcheck" value="<?php echo $idcheck; ?>" /> Here's how to verify the hidden form field data when it's submitted: <?php /* Initialize an array for filtered data. */ $clean = array(); /* Define a salt. */ define('SALT', 'flyingturtle'); if (md5(SALT . $_POST['id']) == $_POST['idcheck']) { $clean['id'] = $_POST['id']; } else { /* Error */ } ?> 18.9.3. DiscussionWhen processing the submitted form data, compute the MD5 hash of the submitted value of $_POST['id'] with the same salt. If it matches $_POST['idcheck'], the value of $_POST['id'] has not been altered by the user. If the values don't match, you know that the value of $_POST['id'] you received is not the same as the one you sent. To use an MD5 hash with a cookie, add it to the cookie value with implode( ): <?php /* Define a salt. */ define('SALT', 'flyingturtle'); $name = 'Ellen'; $namecheck = md5(SALT . $name); setcookie('name', implode('|',array($name, $namecheck))); ?> Parse the hash from the cookie value with explode( ): <?php /* Define a salt. */ define('SALT', 'flyingturtle'); list($cookie_value, $cookie_check) = explode('|', $_COOKIE['name'], 2); if (md5(SALT . $cookie_value) == $cookie_hash) { $clean['name'] = $cookie_value; } else { /* Error */ } ?> Using a data verification hash in a form or cookie obviously depends on the salt used in hash computation. If a malicious user discovers your salt, the hash offers no protection. Besides guarding the salt zealously, changing it frequently is a good idea. For an additional layer of protection, use different salts, choosing the specific salt to use in the hash based on some property of the $id value (10 different words selected by $id%10, for example). That way, the damage is slightly mitigated if one of the words is compromised. If you have the mhash module installed, you're not limited to MD5 hashes. mhash supports a number of different hash algorithms. For more information about mhash, see the mhash material in the online PHP manual or the mhash home page at http://mhash.sourceforge.net/. 18.9.4. See AlsoRecipe 20.9 for an example of using hashes with hidden form variables; documentation on md5( ) at http://www.php.net/md5 and the mhash extension at http://www.php.net/mhash. |