Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home Backend Development PHP Tutorial http://www.12306.cn/mormhweb/ Securely transmit passwords over normal HTTP

http://www.12306.cn/mormhweb/ Securely transmit passwords over normal HTTP

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
Jul 29, 2016 am 08:37 AM

1. Theory
On ordinary HTTP, the password in the general form is transmitted to the server in clear text for processing. This undoubtedly gives the bad guys an opportunity! Here we will talk about how to transmit passwords safely!​
Rather than transmitting the password itself, it is better to transmit its encrypted form. MD5 is a good choice. First, it is almost impossible for different resources to generate the same MD5 digest. Second, the encoding method of MD5 is irreversible. With these features, we can allow MD5 digests to be transmitted publicly on the Internet without worrying about the password being known by bad actors. Then the password is encrypted in the same way on the server side, and finally the two strings are compared.​
However, we cannot md5 the password and transmit it directly through the Internet for login, because although the bad guys will not know our password, they will definitely know this special string that can authorize them to access our website!​
This is the problem that public keys and private keys have to solve. First, the server provides a random string, and then the client adds the random string and the password and then encrypts it!​
Every time you log in, the server will generate a different random string, so that your password does not change, but the MD5 digest encrypted by the above method is completely different. In this way, even if the bad guys get these MD5 digests, they will not be able to analyze your password!​
In this method, the random string provided by the server is called the "public key", which has a short lifespan and can be used by anyone; your password is called the "private key", which has a long lifespan and will never be known. .​
2. accomplish
Client-side Javascript does not provide a ready-made md5 algorithm, but if we search for "md5 javascript" on Google, we can get many examples of md5 implemented in Javascript.​
I don’t need to say more in PHP, you can just use the md5() function! We can use session to store random strings (PHP is so powerful~~)
3. Notice
In JS, Chinese characters are in UTF-8 format, so if your password is in Chinese, and the encoding method of the password stored on the server is GB2312, then the encrypted strings of the two passwords are completely different!

The above has introduced http://www.12306.cn/mormhweb/ to securely transmit passwords over ordinary HTTP, including the content of http://www.12306.cn/mormhweb/. I hope you are interested in PHP tutorials. Friends help.

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Show More

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
1 months ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
How Long Does It Take To Beat Split Fiction?
3 weeks ago By DDD
R.E.P.O. Save File Location: Where Is It & How to Protect It?
3 weeks ago By DDD
Show More

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Show More

Hot Topics

Where is the login entrance for gmail email?
7338
9
Java Tutorial
1627
14
CakePHP Tutorial
1352
46
Laravel Tutorial
1265
25
PHP Tutorial
1210
29
Show More
Related knowledge
11 Best PHP URL Shortener Scripts (Free and Premium) 11 Best PHP URL Shortener Scripts (Free and Premium) Mar 03, 2025 am 10:49 AM

Long URLs, often cluttered with keywords and tracking parameters, can deter visitors. A URL shortening script offers a solution, creating concise links ideal for social media and other platforms. These scripts are valuable for individual websites a

Working with Flash Session Data in Laravel Working with Flash Session Data in Laravel Mar 12, 2025 pm 05:08 PM

Laravel simplifies handling temporary session data using its intuitive flash methods. This is perfect for displaying brief messages, alerts, or notifications within your application. Data persists only for the subsequent request by default: $request-

Build a React App With a Laravel Back End: Part 2, React Build a React App With a Laravel Back End: Part 2, React Mar 04, 2025 am 09:33 AM

This is the second and final part of the series on building a React application with a Laravel back-end. In the first part of the series, we created a RESTful API using Laravel for a basic product-listing application. In this tutorial, we will be dev

Simplified HTTP Response Mocking in Laravel Tests Simplified HTTP Response Mocking in Laravel Tests Mar 12, 2025 pm 05:09 PM

Laravel provides concise HTTP response simulation syntax, simplifying HTTP interaction testing. This approach significantly reduces code redundancy while making your test simulation more intuitive. The basic implementation provides a variety of response type shortcuts: use Illuminate\Support\Facades\Http; Http::fake([ 'google.com' => 'Hello World', 'github.com' => ['foo' => 'bar'], 'forge.laravel.com' =>

cURL in PHP: How to Use the PHP cURL Extension in REST APIs cURL in PHP: How to Use the PHP cURL Extension in REST APIs Mar 14, 2025 am 11:42 AM

The PHP Client URL (cURL) extension is a powerful tool for developers, enabling seamless interaction with remote servers and REST APIs. By leveraging libcurl, a well-respected multi-protocol file transfer library, PHP cURL facilitates efficient execution of various network protocols, including HTTP, HTTPS, and FTP. This extension offers granular control over HTTP requests, supports multiple concurrent operations, and provides built-in security features.

12 Best PHP Chat Scripts on CodeCanyon 12 Best PHP Chat Scripts on CodeCanyon Mar 13, 2025 pm 12:08 PM

Do you want to provide real-time, instant solutions to your customers' most pressing problems? Live chat lets you have real-time conversations with customers and resolve their problems instantly. It allows you to provide faster service to your custom

Announcement of 2025 PHP Situation Survey Announcement of 2025 PHP Situation Survey Mar 03, 2025 pm 04:20 PM

The 2025 PHP Landscape Survey investigates current PHP development trends. It explores framework usage, deployment methods, and challenges, aiming to provide insights for developers and businesses. The survey anticipates growth in modern PHP versio

Notifications in Laravel Notifications in Laravel Mar 04, 2025 am 09:22 AM

In this article, we're going to explore the notification system in the Laravel web framework. The notification system in Laravel allows you to send notifications to users over different channels. Today, we'll discuss how you can send notifications ov

See all articles