Some of you may have read a recent thread started by me inquiring about md5 and other security issues: MD5 Reverse Hash. The gist is I am using cookies to store secure login info. The program I am working in is open source though. A good suggestion was
setcookie("yourhash", md5($fusername . "saltword" . $timestamp), time()+60*60*24*365); // '.' concatenates strings; '+' would add them as numbers
Saltword would not work for open source because anyone can just see the hidden thing. An obvious solution did not hit me when combining the cookie with MySQL.
/** SETS UP COOKIES **/
$saltword = substr($PHP_SESSID, 0, 6); // randomly generated obviously; stored per user in the users table
setcookie("yourhash", md5($fusername . $saltword . $timestamp), time()+60*60*24*365); // '.' concatenates; '+' would add the strings as numbers
mysql_query("update users set saltword=\"" . mysql_real_escape_string($saltword) . "\" where username=\"" . mysql_real_escape_string($fusername) . "\"");

/** SECURITY CHECK LATER **/
if ($_COOKIE['remember'] == 1 and $_SESSION['yourid'] < 1) // if cookies are set and session variables are not reset
{
    $login = mysql_real_escape_string($_COOKIE['yourlogin']); // cookie values are user input; escape them before putting them in SQL
    $result = mysql_query("select saltword from users where username=\"$login\"");
    $row = mysql_fetch_array($result);
    $thesalt = $row ? $row['saltword'] : ''; // unknown user: empty salt, so the hash check below fails
    if (md5($_COOKIE['yourlogin'] . $thesalt . $_COOKIE['yourstamp']) != $_COOKIE['yourhash']) // if user edited their login name, hash will not match
    {
        die("Cookie Information corrupt. This may mean your file was corrupt, or an update to the site was made which made your information obsolete.<br>
        <a href='sign_out.php'>Click here</a> and sign back in to correct this.");
    }
    //....
}
The salt word is put into a cell with the user's information and compared against that. So even if everyone knows the code, there is no way of knowing what the salt word is for a given user unless they hack the MySQL. Sound secure?
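The scheme above, written out as an added example (not the original poster's code) so the checks can be run end to end. An in-memory array stands in for the MySQL `users` table, the per-user secret is a random value regenerated at each login and stored server-side like the `saltword` column, and the cookie fields keep the post's names. The function names, the `$users` array and the fixed clock are assumptions for illustration. It goes a little beyond the post: the expiry is bound into the tag and enforced by the server, and the comparison is constant-time.

```php
<?php
// Added example modelling the remember-me cookie from the post. Not the
// poster's code; function names and the in-memory users table are assumed.

// Constructed stand-in for the users table: username => row.
$users = ['alice' => ['saltword' => null]];

// Issue a remember-me cookie at login. The secret is random per user and
// regenerated on every login, so reading the open-source code reveals nothing;
// it lives server-side exactly like the post's saltword column.
function issue_remember_cookie(array &$users, string $user, int $now, int $ttl): array
{
    $secret = bin2hex(random_bytes(16));           // 128 bits of randomness per user
    $users[$user]['saltword'] = $secret;
    $expires = $now + $ttl;
    // HMAC over login and expiry, keyed by the secret: neither the login name
    // nor the timestamp can be edited client-side without breaking the tag.
    $tag = hash_hmac('sha256', $user . '|' . $expires, $secret);
    return ['yourlogin' => $user, 'yourstamp' => (string)$expires, 'yourhash' => $tag];
}

// Verify the cookie on a later request. True only for an unmodified,
// unexpired cookie issued to a known user who has not logged out since.
function check_remember_cookie(array $users, array $cookie, int $now): bool
{
    $user = (string)($cookie['yourlogin'] ?? '');
    if (!isset($users[$user]['saltword'])) {
        return false;                              // unknown user, or secret revoked
    }
    $expires = (int)($cookie['yourstamp'] ?? 0);
    if ($expires <= $now) {
        return false;                              // server-side expiry; the post's check has none
    }
    $expected = hash_hmac('sha256', $user . '|' . $expires, $users[$user]['saltword']);
    // Constant-time comparison instead of != on the hex strings.
    return hash_equals($expected, (string)($cookie['yourhash'] ?? ''));
}

// Logging out (or changing the password) discards the secret, which
// invalidates every remember-me cookie ever issued for that user.
function revoke_remember_cookies(array &$users, string $user): void
{
    $users[$user]['saltword'] = null;
}

// Demonstration with a fixed clock so the run is deterministic.
$now = 1000000;
$cookie = issue_remember_cookie($users, 'alice', $now, 60 * 60 * 24 * 365);

var_dump(check_remember_cookie($users, $cookie, $now + 10));                // cookie as issued

$tampered = $cookie;
$tampered['yourlogin'] = 'admin';                                           // client edits the login name
var_dump(check_remember_cookie($users, $tampered, $now + 10));

$extended = $cookie;
$extended['yourstamp'] = (string)($now + 10 * 365 * 86400);                 // client edits the timestamp
var_dump(check_remember_cookie($users, $extended, $now + 10));

var_dump(check_remember_cookie($users, $cookie, $now + 2 * 365 * 86400));   // cookie presented after expiry

revoke_remember_cookies($users, 'alice');                                    // user logs out
var_dump(check_remember_cookie($users, $cookie, $now + 10));
```

Run it with `php` on the command line: the first check passes and the four that follow fail, which is the behaviour the post's check gives for an edited login name plus the two cases it does not cover (a stale timestamp and a cookie that outlives a logout). The cell in the users table is still the thing that has to stay private; anyone who can read it can mint a valid cookie for that user, exactly as the post says.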