Phát triển web với PHP và MySQL - p 38

Implementing Secure Transactions with PHP and MySQL CHAPTER 15 345 LISTING Continued Your message could not be encrypted, so has not been sent. Sorry.”; } ? In order to make this code work for you, you will need to change a few things. Email will be sent to the address in $to_email. The line putenv(“GNUPGHOME=/tmp/.gnupg”); will need to be changed to reflect the location of your GPG keyring. On our system, the Web server runs as the user nobody, and has the home directory /tmp/. We are using the function tempnam() to create a unique temporary filename. You can specify both the directory and a filename. | Implementing Secure Transactions with PHP and MySQL 345 Chapter 15 Listing Continued p Your message could not be encrypted so has not been sent. p Sorry. In order to make this code work for you you will need to change a few things. Email will be sent to the address in to_email. The line putenv GNUPGHOME tmp .gnupg will need to be changed to reflect the location of your GPG keyring. On our system the Web server runs as the user nobody and has the home directory tmp . We are using the function tempnam to create a unique temporary filename. You can specify both the directory and a filename prefix. We are going to create and delete these files in around one second so it is not very important what we call them. We are specifying a prefix of pgp but letting PHP use the system temporary directory. The statement command usr local bin gpg -a . --recipient Luke Welling luke@ . --encrypt -o outfile infile sets up the command and parameters that will be used to call gpg. It will need to be modified to suit you. As with when we used it on the command line you need to tell GPG which key to use to encrypt the message. The statement system command result executes the instructions stored in command and stores the return value in result. We could ignore the return value but it lets us have an if statement and tell the user that something went wrong. When we have finished with the temporary files that we use we delete them using the unlink function. This means that our user s unencrypted email is being stored on the server for a short time. It is even possible that if the server failed during execution the file could be left on the server. 15 Implementing Secure Transactions 346 E-commerce and Security Part III While we are thinking about the security of our script it is important to consider all flows of information within our system. GPG will encrypt our email and allow our recipient to decrypt it but how does the information originally come from the sender If

Không thể tạo bản xem trước, hãy bấm tải xuống
TỪ KHÓA LIÊN QUAN
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.