This code allows you to use a changing passowrd based on the day of the week and a present code. Good security in a pinch.
By : drastik
<?
// This page creates a changing password scheme that uses a simple 7 number code that
// changes based on the day of the week. For instance, on monday you would increase the
// first of the seven integers by one, on tuesday you would increase by two, on wendsday:
// increase three, and so on through sunday.
// The php code checks this against you schema of passcodes for each day and determines if
// you have entered the code correctly.
// Given that PHP has a great deal of flexibility in the movement oand find replace
// functions for objects in an array, you can use this code as a starting point to develop
// your own codes. The code above is not unbreakable, a good history buff might even know
// the code itself, but a brute force attack could crack it. Of course, if you are using
// integers, increasing the number of ints will make it ore difficult to crack.
// This code is designged to work like a keypad where no user id is required. You could
// build in userid functionality in your prefeered method (database, textfile, etc) or
// create a code for usernames as well! I've left this part out for the sake of brevity.
if (isset($_POST['passcode'])) { // run the functions if a post is enterd
// This is the passCode function set
$passCode = $_POST['passcode'];
$passCode = explode(".",$passCode); // break the post nto an array
$passCode = array_sum($passCode); // sum the array
// This is the checkCode function set
$baseCode = "8.3.0.4.4.2.1"; // Usualy this is a phone number, easy to remember
$codeArr = explode(".",$baseCode); // array the baseCode
// These functions determine the changes to the code based on the day of the week
if (date("D") == "Mon") {
$codeArr[0] = $codeArr[0] + 1;
}
elseif (date("D") == 'Tue') {
$codeArr[1] = $codeArr[1] + 2;
}
elseif (date("D") == 'Wed') {
$codeArr[2] = $codeArr[2] + 3;
}
elseif (date("D") == 'Thu') {
$codeArr[3] = $codeArr[3] + 4;
}
elseif (date("D") == 'Fri') {
$codeArr[4] = $codeArr[4] + 5;
}
elseif (date("D") == 'Sat') {
$codeArr[5] = $codeArr[5] + 6;
}
elseif (date("D") == 'Sun') {
$codeArr[6] = $codeArr[6] + 7;
}
// bring the changed baseCode numbers back into an array
implode($codeArr);
$sumCode = array_sum($codeArr); // sum that array
if ($sumCode == $passCode) { //check sums for equality
print "Access Granted";} // do whatever once you authorize
else { print "Access Denied!"; }
}
else { //if no post is entered, print the code box
print "Enter code as integers seperated by periods.";
print "<form action=\"$PHP_SELF\" method=\"post\">";
print "<input type=\"password\" name=\"passcode\" />";
print "</form>";
}
?>
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More User Management Code Articles
More By Codewalkers
 developerWorks - FREE Tools!
|
Visit IBM developerWorks to download a free trial version of Lotus Quickr 8.0, which enables collaboration by transforming the way everyday business content such as documents, rich media, photos, and video can be shared. Lotus Quickr makes it faster and easier to share content of all types (not just documents) within virtual teams. It is designed to make it easier to collaborate across organizational boundaries, while continuing to work within the context of familiar desktop applications.
FREE! Go There Now!
|
|
|
|
This tutorial shows new users of IBM WebSphere Business Monitor Version 6.0.2 how to perform the "Hello World" equivalent for monitoring business process applications. It is intended to help you get familiar with the capabilities of the product.
FREE! Go There Now!
|
|
|
|
Listen to this webcast to get an overview of Info 2.0 and a technical demo of how to quickly build an enterprise mashup. IBM's Info 2.0 technology leverages emerging Web 2.0 technologies such as mashups, feeds, AJAX, and JSON in order to simplify assembly of information using feeds and services. Come learn about the technical elements of Info 2.0 including the Feed Generation framework, Mashup Engine, and mashup assembly components. Learn how to pull information from databases, departmental information, and the Web to create mashups critical to your company’s success. We will also discuss best practices to help you get started.
FREE! Go There Now!
|
|
|
|
This Fall, IBM Rational talks to you directly through a special teleconference series giving you access to the best minds in IBM Rational - product experts and market thought leaders who will answer your questions during these pre-scheduled telephone conference calls. Register today!
FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on November 29 at 1:00 pm ET to participate in an interactive discusssion with Grady Booch around architecture and reuse. Get your questions answered!
FREE! Go There Now!
|
|
|
|
Try the latest version of IBM Rational Manual Tester V7.0.1 by downloading a free trial from IBM developerWorks. This manual test authoring and execution tool promotes test step reuse to reduce the impact of software change on testers and business analysts and addresses the needs of teams performing at least a portion of their testing manually.
FREE! Go There Now!
|
|
|
|
You can now evaluate IBM Rational Asset Manager V7.0 online without installing or configuring it on your own system! Rational Asset Manager helps create, modify, govern, find, and reuse any type of development assets, including SOA and systems development assets. Rational Asset Manager helps you reduce software development costs and improve quality by facilitating the reuse of all types of software development-related assets. Visit developerWorks to learn more about this product and register to explore its capabilities online.
FREE! Go There Now!
|
|
|
|
Whether you are creating new applications or modifying existing ones, managing integration of new components with traditional z/OS elements is a critical part of building and deploying modern applications. Listen to this webcast to see how IBM can help you optimize your development process using an IDE like Rational Developer for System z that integrates with management tools, such as ClearCase to manage your application development on mainframes.
FREE! Go There Now!
|
|
|
|
IBM Lotus Notes 8 provides a wide range of developers the ability to provide customized, integrated user interfaces via composite applications and via custom sidebar and toolbar plug-ins. This webcast provides you with tips and techniques to use with out-of-the-box capabilities of Lotus Notes 8, and survey how you can share useful components within your own company and within a larger community.
FREE! Go There Now!
|
|
|
|
Explore how Rational and WebSphere software enable enterprise documentation in SOA environments. Specifically, a new integration between IBM WebSphere® Business Modeler and IBM Rational® Method Composer software can help technical writers more easily keep enterprise operations manuals in sync with changes that are made to business processes, resulting in more accurate and timely documentation that benefits the entire enterprise.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
