JONNY DOVKA'S PGP EXPERIENCE!
OK. Before I begin, YES I did this on an IIS Windows system (my boss doesn't
like Apache for some reason). YES, it uses a non-US form of PGP found at this
web-address (I'm British, but im sure the code can easily be adapted):
The below code is similar to the code in the PHP Manual, but there are many small
considerations you'll need to account for before PGP decides it likes you and works.
1. Make sure the path to your PGP directory is in your websystem's path. You
can check this by doing a phpinfo(); and looking under the _ENV['PATH']
key. This is very important, especially if you develop on a network!
2. CHECK what the command line arguments your version of PGP accepts. Here, I'm
using -sfa, -f being the important one (filter allows data through STDIN/STDOUT
to be checked by the PGP binary. -z supplies your password, so make sure you
change that one (no, you don't need the >).
3. $DATA_TO_ENCRYPT is the data you wish to...err, encrypt. The chr(26) is actually
the same as hitting CTRL+Z (^Z) in DOS, which is commonly known as the EOF char.
4. $pgpBuffer is a string that contains the output of the PGP binary. With that, you
can then (for example, as I have done) use it to e-mail someone!
I hope this helps someone. I'm only putting it on here because it was such a pain in
the butt to get working. If it doesn't work, check your paths, consider using chdir()
to fix the problem, and have a look at the output from PGP in error.txt!
$descriptorspec = array(
0 => array("pipe", "r"), // STDIN
1 => array("pipe", "w"), // STDOUT
2 => array("file", "error.txt", "a") // STDERR
$proc = proc_open("pgp -sfa -z >", $descriptorspec, $pipes);
fwrite($pipes, $DATA_TO_ENCRYPT . "nn" . chr(26) . chr(26));
$pgpBuffer .= fgets($pipes, 1024);
$return_value = proc_close($proc);
// echo $pgpBuffer;
|send_mail function to defeat Header Injection Hacking/Spamming|
Categories : PHP, Email, Form Processing, Security
|Function to generate readable/remeberable random password|
Categories : PHP, Security, Security
|A damaged image generator (class) for validating text.
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart|
Categories : PHP, PHP Classes, Security, GD image library, Security
|Generating and Matching Secure and Strong Password Hash|
Categories : PHP, PHP Classes, Cryptography, Security
|Protect your email links from being spidered by spam email robots!|
Categories : PHP, Security, Mail, Email
|Distribute PHP Software Protected by a License Key.|
Categories : PHP, Cryptography, Security, Software
|Protect your mailto: email addresses from bots - pure PHP|
Categories : PHP, Email, Security
|Class for sending mail with MIME attachments in multipart format using external sendmail, mimencode and zip|
Categories : Email, Network, PHP, PHP Classes
|send php mail with form data and attachment.|
Categories : PHP, Email, Mail, Form Processing
|PHP MultiList Mailing List Manager|
Categories : Email, HTML and PHP, PHP
Categories : PHP, Security, GD image library, Graphics, Sessions
|Password protection for Phorum 3.1.x with userlevels and log.|
Categories : PHP, MySQL, Authentication, Security
|Secure URL $_GET|
Categories : PHP, Data Validation, Security
|Session Validation Methods (Security Checks)|
Categories : PHP, Sessions, Security
Categories : PHP, MySQL, Cookies, Security