- var_dump: documentation ( source)
- preg_replace: documentation ( source)
- rand: documentation ( source)
- md5: documentation ( source)
<?php
function gen_secured_random() { // cause random is the way
$a = rand(1337,2600)*42;
$b = rand(1879,1955)*42;
$a < $b ? $a ^= $b ^= $a ^= $b : $a = $b;
return $a+$b;
}
function secured_hash_function($plain) { // cause md5 is the best hash ever
$secured_plain = sanitize_user_input($plain);
return md5($secured_plain);
}
function sanitize_user_input($input) { // cause someone told me to never trust user input
$re = '/[^a-zA-Z0-9]/';
$secured_input = preg_replace($re, "", $input);
return $secured_input;
}
$s = 's';
$h ='h';
print "s => ";
var_dump($s);
print "h => ";
var_dump($h);
if (isset($s) && isset($h )) {
$s = sanitize_user_input($s);
$h = secured_hash_function($h);
$r = gen_secured_random();
echo "strans => " ; var_dump($s);
echo "htrans => " ; var_dump($h);
echo "rtrans => " ; var_dump($r);
if($s != false && $h != false) {
if($s.$r == $h) {
print "Well done! Here is your flag: ";
}
else {
print "Fail...";
}
}
else {
print "<p>Hum ...</p>";
}
}
?>