added length checks

commit 0ea86223fa4d1b4602d8c931ea599ccbeccc800e 1 parent a9c5ba0
Sunny Singh authored
Showing with 12 additions and 1 deletion.
  1. +12 −1 signup.php
13 signup.php
@@ -17,9 +17,20 @@
// In a typical situation, you will have a form with the "method" attribute set to "post" with an input of name "password"
$password = $_POST["password"];
+// Passwords should never be longer than 72 characters to prevent DoS attacks
+if (strlen($password) > 72) { die("Password must be 72 characters or less"); }
+
// The $hash variable will contain the hash of the password
$hash = $hasher->HashPassword($password);
-// store the value of $hash in a database or something
+if (strlen($hash) >= 20) {
+
+ // store the value of $hash in a database or something
+
+} else {
+
+ // something went wrong
+
+}
?>
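Review bot: The else branch after `if (strlen($hash) >= 20)` contains only the comment `// something went wrong`, so a hash that fails the check is silently ignored and the script runs on to `?>` with nothing stored; stop the request there with an error and log it instead of leaving the branch empty. The `20` threshold also needs a comment saying why a shorter value means the hashing failed. On the new length check, `strlen()` counts bytes rather than characters, so "72 characters or less" is inaccurate for multibyte passwords, and `$_POST["password"]` is still read without checking that the field was submitted.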