[seen.to]

Not a function as such. Something I add to combat mail injection spammers. I've since added more but this is the version I have at hand:

PHP Code:

$email = preg_replace("/\r/", "", $email);
$email = preg_replace("/\n/", "", $email);
if (eregi("cc", $email) || eregi("bcc", $email) || 
eregi("to", $email) || eregi("Content-Type", $email)) 
die("Sorry, there was a problem with your message being sent. 
Please click <a href=\"javascript:history.go(-1)\">here</a> to try again"); 


[fiza]

First of all thanks . because this thread is very much helpful to learn php functions.
some functions are:-
zip_entry_read() Reads from an open entry in the ZIP file
zip_open() Opens a ZIP file
zip_read() Reads the next entry in a ZIP file

[Aakriti]

1)zip_close() to close zip file
2)zip_entry_read() Reads from an open entry in the ZIP file
3)zip_entry_filesize() Returns the actual file size of an entry in the ZIP file

[Cborrow]

Simple class for sending email, with / without attachments.

PHP Code:

<?php
    class SimpleMail {
        public $to;
        public $from;
        public $fromName;
        public $subject;
        public $cc;
        public $bcc;
        public $message;
        
        private $uid;
        private $mailer;
        private $attachments;
        
        public function __construct($to = null, $from = null, $subject = null, $message = null) {
            if(!empty($to) && !empty($from)) {
                $this->to = $to;
                $this->from = $from;
                
                if(!empty($subject)) {
                    $this->subject = $subject;
                }
                if(!empty($message)) {
                    $this->message = $message;
                }
            }
            
            $this->mailer = "PHP " . phpversion();
            $this->attachments = array();
        }
        
        public function SetMailer($mailer) {
            if(!empty($mailer) && is_string($mailer)) {
                $this->mailer = $mailer;
            }
        }
        
        public function SetTo($to) {
            if(!empty($to) && is_string($to)) {
                $this->to = $to;
            }
        }
        
        public function SetFrom($from) {
            if(!empty($from) && is_string($from)) {
                $this->from = $from;
            }
        }
        
        public function SetSubject($subject) {
            if(!empty($subject) && is_string($subject)) {
                $this->subject = $subject;
            }
        }
        
        public function AddCC($email) {
            if(!empty($email) && is_string($email)) {
                if(strlen($this->cc) > 0) {
                    $this->cc .= ",".$email;
                }
                else {
                    $this->cc = $email;
                }
            }
        }
        
        public function AddBCC($email) {
            if(!empty($email) && is_string($email)) {
                if(strlen($this->bcc) > 0) {
                    $this->bcc .= ",".$email;
                }
                else {
                    $this->bcc = $email;
                }
            }
        }
        
        public function AddMessage($message) {
            if(!empty($message) && is_string($message)) {
                $this->message = $message;
            }
        }
        
        public function AddAttachment($attachment) {
            if(file_exists($attachment)) {
                $attachmentInfo = array();
                
                $this->uid = "==Multipart_Boundary_x{" . md5(uniqid(time())) . "}x";
                $attachmentInfo['Attachment'] = $attachment;
                $attachmentInfo['Size'] = filesize($attachment);
                
                $fp = fopen($attachment, "rb");
                flock($fp, LOCK_SH);
                $data = fread($fp, filesize($attachment) + 1);
                flock($fp, LOCK_UN);
                fclose($fp);
                
                $attachmentInfo['Content'] = chunk_split(base64_encode($data), 64);
                
                $extStart = strrpos($this->attachment, ".");
                $attachmentInfo['Extension'] = substr($attachmentInfo['Attachment'], $extStart, (strlen($attachmentInfo['Attachment']) - $extStart));
                $attachmentInfo['Name'] = self::GenerateRandomFilename($attachmentInfo['Extension']);
                $attachmentInfo['Mime'] = "application/octet-stream; name=\"{$attachmentInfo['Name']}\"\r\n\r\n";
                
                $this->attachments[] = $attachmentInfo;
            }
        }
        
        public function SendMessage($to = null, $from = null, $subject = null) {
            if(empty($to) && !empty($this->to)) { $to = $this->to; }
            if(empty($from) && !empty($this->from)) { $from = $this->from; }
            if(empty($subject) && !empty($this->subject)) { $subject = $this->subject; }
            if(empty($to) || empty($from) || empty($subject)) { return false; }
            
            $headers = "";
            $headers.= "From: {$this->fromName} <{$from}>\r\n";
            $headers.= "Reply-To: {$to}\r\n";
            $headers.= "Subject: {$subject}\r\n";
            $headers.= "X-Mailer: {$this->mailer}\r\n";
            $headers.= "MIME-Version: 1.0\r\n";
            $headers.= "Content-Type: multipart/mixed; boundary=\"{$this->uid}\"\r\n";
            $headers.= "--{$this->uid}\r\n";
            $headers.= "Content-Type: text/plain; charset=\"iso-8859-1\"\r\n";
            $headers.= "Content-Trasfer-Encoding: 7bit\r\n\r\n";
            $headers.= $this->message . "\r\n\r\n";
            
            if(!empty($this->attachments) && is_array($this->attachments)) {
                foreach($this->attachments as $attactment) {
                    $headers.= "--{$this->uid}\r\n";
                    $headers.= "Content-Type: application/octet-stream; name=\"{$attactment['Name']}\"\r\n";
                    $headers.= "Content-Transfer-Encoding: base64\r\n";
                    $headers.= "Content-Disposition: attachment; filename=\"{$attactment['Name']}\"\r\n\r\n";
                    $headers.= $attactment['Content'] . "\r\n\r\n";
                }
            }
            
            $headers.= "--{$this->uid}--";
            
            if(mail($to, $from, "", $headers)) {
                return true;
            }
            return false;
        }
        
        private function GenerateRandomFilename($extension) {
            $chars = "abcdefghijklmnopqrstuvwxyz0123456789";
            $salt = "";
            
            for($i = 0; $i < mt_rand(5, 25); $i++) {
                $salt.= $chars{$i};    
            }
            
            $fname = md5($salt . time());
            return $fname . $extension; 
        }
    }
?>

[boycoda]

Damn, i've only recently gotten into functions / classes. So much to learn, already found one or two things in this thread that are helpful. Good stuff!

[SpooF]

PHP Code:

function &load_class($class, $instantiate = TRUE) {
    static $objects = array();
    
    if(isset($objects[$class]))
    {
        return $objects[$class];
    }
    
    if (file_exists(PATH.$class.EXT))
    {
        require(PATH.$class.EXT);
    }
    
    if ($instantiate == FALSE)
    {
        $objects[$class] = TRUE;
        return $objects[$class];
    }
    
    $name = strtolower($class);
    
    $objects[$class] =& new $name();
    return $objects[$class];
} 


To just you just have the define a PATH and EXT variable.

PATH: path way to your classes.
EXT: extension for you classes (.php)

PHP Code:

class myClass() {

    function _load($load) {
        foreach($autoload as $key=>$class) {
            $this->$key =& load_class($class);
        }    
    }

}

$load = array(
    'someClass'=>'someClass'
);
$class = new myClass();
$class->_load($load);

$class->someClass->function(); 


[hobolooter]

Quote:

Originally Posted by proc355

it's hashing not encryption; also, dont multi-hash things - it does nothing except chew resources - you want a salted hash

Most of your comments were useless unlike the code he wrote. Honestly, commenting on coding convention and variable naming is just obnoxious.

The comment I quoted, however, irked me the most, especially since it was never replied to. Multi-hashing is actually very useful especially if you know how hashes are reversed. If you hash a hash with a salt, chances are you will have a more secure result string than had you just used a salted hash. You are correct though it is not encryption.

Also wasting resources? C'mon man. Don't post if you are just going to be making stuff up. An MD5 hash calculation on a 16 byte string is ridiculous to even consider a resource hog.

[Shiro]

Kind of late for that - that post was over half a year old. I don't think proc has even been around for a few months. But that being said, I've read quite a bit on salting and multi-hashing, and there are some arguments that show multi-hashing to actually reduce security. I didn't really understand it myself (beyond me), but the people who were making those arguments made them well.

[RaelRode]

Quote:

Originally Posted by hobolooter

Most of your comments were useless unlike the code he wrote. Honestly, commenting on coding convention and variable naming is just obnoxious.

The comment I quoted, however, irked me the most, especially since it was never replied to. Multi-hashing is actually very useful especially if you know how hashes are reversed. If you hash a hash with a salt, chances are you will have a more secure result string than had you just used a salted hash. You are correct though it is not encryption.

Also wasting resources? C'mon man. Don't post if you are just going to be making stuff up. An MD5 hash calculation on a 16 byte string is ridiculous to even consider a resource hog.

Multi-hashing increases the chances of a collision. i.e. two words hashed over and voer could result in the same hash at the end.

Because passwords usually aren't the same, they're random, especially if you have to have a number in there. But if you hash it with md5, you get a 32 character string, then hash that another 32 character string, so they're always 32 characters long. hashing over and over is bad practice, and it's better to use a dynamic and static salt.

[hobolooter]

Quote:

Originally Posted by RaelRode

Multi-hashing increases the chances of a collision. i.e. two words hashed over and voer could result in the same hash at the end.

Because passwords usually aren't the same, they're random, especially if you have to have a number in there. But if you hash it with md5, you get a 32 character string, then hash that another 32 character string, so they're always 32 characters long. hashing over and over is bad practice, and it's better to use a dynamic and static salt.

Since this is a thread about PHP code and not the benefits of hashing, I'll drop it. However, if anything gets taken away from my previous post is that it is not completely pointless to multi-hash and it is not a resource hog as previously stated.

Granted that post was a million years old, but this thread is the only stickied in this subforum. This thread is read, and I think it should at least be addressed.

[MikeMackay]

Quote:

Originally Posted by seen.to

Not a function as such. Something I add to combat mail injection spammers. I've since added more but this is the version I have at hand:

PHP Code:

$email = preg_replace("/\r/", "", $email);
$email = preg_replace("/\n/", "", $email);
if (eregi("cc", $email) || eregi("bcc", $email) || 
eregi("to", $email) || eregi("Content-Type", $email)) 
die("Sorry, there was a problem with your message being sent. 
Please click <a href=\"javascript:history.go(-1)\">here</a> to try again"); 


Unfortunately that code will reject the mail if the address was something like:

rotten.tomato@domain.com
rebecca.bloggs@domain.com

Reason being is that "eregi" is returning true on any occurrence of 'to' or 'cc' whether it's encapsulated in a legitimate word/address or not. Surely it would be better to do this instead:

PHP Code:

$email = preg_replace("/\r/", "", $email);
$email = preg_replace("/\n/", "", $email);
if (eregi("cc:", $email) || eregi("bcc:", $email) || 
eregi("to:", $email) || eregi("Content-Type", $email)) 


By adding the colon to the expression match you are eliminating the chances of blocking potentially legitimate address through while still checking for any mail injection headers.

[freelancr]

Quote:

Originally Posted by hobolooter

Also wasting resources? C'mon man. Don't post if you are just going to be making stuff up. An MD5 hash calculation on a 16 byte string is ridiculous to even consider a resource hog.

Hashing is quite CPU intensive compared to other tasks. Obviously if you have a website that isn't busy, and is on a dedicated server, then you should be fine. But if you are designing the login for Google accounts, then you need something as efficient as you can get.

MD5 hashing isn't secure anymore, you should use SHA-512 instead, and salt the hash rather than hashing multiple times.

[DaveChild]

Quote:

Originally Posted by freelancr

Validate E-Mail Address:

That email validation function was originally from my site, and is a bit out of date now (especially since the opening up of the TLD system). I rewrote the code and released it a little while ago under an open source license - see addedbytes.com/blog/email-address-validation-v2/

Here's a couple of functions I find useful. They add and remove variables from querystrings (great if you're dynamically building querystrings, especially on listing pages with listing options).

Add a Variable to a Querystring

PHP Code:

function add_querystring_var($url, $key, $value) {
    $url = preg_replace('/(.*)(\?|&)' . $key . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
    $url = substr($url, 0, -1);
    if (strpos($url, '?') === false) {
        return ($url . '?' . $key . '=' . $value);
    } else {
        return ($url . '&' . $key . '=' . $value);
    }
} 


Remove a Variable from a Querystring

PHP Code:

function remove_querystring_var($url, $key) {
    $url = preg_replace('/(.*)(\?|&)' . $key . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
    $url = substr($url, 0, -1);
    return ($url);
} 


[feha]

Sorry, You don't deserve this.