View Single Post
  #8  
Old 26 Aug 2012, 09:32
kh99 kh99 is offline
 
Join Date: Aug 2009
Real name: Kevin
Originally Posted by movmix View Post
OK. Let's say that i want add MD5 with userid like


register.php?referrerid=1&invite=5808409b7ba1463c0d518dca3bb31d0e

See, If I want add the hash how can I ?

Well, you could include the userid and also a hash to check the validity. Is that what you mean? It probably wouldn't be really great security-wise, but it might be good enough for your purpose. You could do something like make a secret phrase that you define in your code, then to produce the "invite" parameter, make a hash of the phrase with the userid, like


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Then when the link is clicked you can do the same thing (because you'll have the userid in the "referrerid" parameter) and compare them.

With this scheme, an uninvited person trying to register won't know how to create the right hash value to look like they were refered by a certain user, but of course once someone knows one of the hash values, it can be used again and again, which is why the other idea of storing a random value in a db table is better.

Last edited by kh99; 26 Aug 2012 at 09:40.
Reply With Quote