· 7 years ago · Sep 10, 2018, 08:08 PM
1PHP hashing input field names
2$time = mktime();
3$first_name = md5($time + 'first_name');
4
5<form action="register.php" method="post">
6<input type="text" name="<?php echo $first_name ?>" >
7<input type="hidden" name="check" value="<?php echo $time ?>" >
8<input type="submit" name="register">
9</form>
10
11// check to see if there is a timestamp
12if (isset($_POST['check'])) {
13 $time = strtotime($_POST['check']);
14
15 if (time() < $time) {
16 // original timestamp is in the future, this is wrong
17 }
18
19 if (time() - $time < 60) {
20 // form was filled out too fast, less than 1 minute?
21 }
22
23 // otherwise
24 $key = $_POST['check'];
25
26 if (md5($key + 'first_name') == $_POST['whatever-the-hash-on-the-first_name-field-was']) {
27 // process first_name field?
28 }
29}
30
31<form action="register.php" method="post">
32<? $timestamp = time() ?>
33<!-- This is where the user would put the email. Don't put this comment in for real -->
34<input type="text" name="<?php echo md5("email" . $timestamp . $secretKey) ?>" >
35<input type="hidden" name="check" value="<?php echo $timestamp ?>" >
36<input type="submit" name="register">
37</form>
38
39<?
40 if (isset($_POST['check'])) {
41 $email = $_POST[md5("email" . $_POST['check'] . $secretKey)];
42 }
43?>