|
(view this code in a separate window) #! /usr/bin/perl -w # # digest.pl # # This code shows how you can create an MD5 digest # of random data. Create code similar to this that # digests all hidden HTML form elements with a # well-protected passphrase. Then when the attacker # attempts to modify the hidden fields (to reduce # the price of an item in a shopping cart, for example) # then the digests will not match, and you can dissalow # the access. # # Copyright 2001, James Lee # Released under the GPL use Digest::MD5 qw( md5_base64 ); $passphrase = 'A VERY difficult to guess passphrase'; $product = 'Widget A'; $price = '30.00'; $digest = md5_base64($product, $price, $passphrase); print $digest,"\n";
|