|
Posted by Jasper Bryant-Greene on 10/22/05 04:50
On Fri, 2005-10-21 at 20:45 -0500, Richard Lynch wrote:
> Anyway, my question is, what is the morally correct function to use to
> remove these null characters from the end of my string?
>
> I'm guessing 'rtrim' would work, but is a NUL char really whitespace?
I think rtrim() is probably your best bet. Haven't tried, though.
> To be clear: I'm mcrypt_encrypt()ing the secret word into the URL and
> a hidden form element, along with the IV, ditto, and so both are
> available to the potentical malicious user. So if exposure of IV is
> an issue in any suggested answer, keep that in mind.
To be honest, I think you're going about it the wrong way. Put the
secret word into $_SESSION. Point the <img> tag at a PHP script which
pulls it out of $_SESSION and renders it as an image. Then you don't
need to send it to the client in any form.
--
Jasper Bryant-Greene
General Manager
Album Limited
e: jasper@album.co.nz
w: http://www.album.co.nz/
p: 0800 4 ALBUM (0800 425 286) or +64 21 232 3303
a: PO Box 579, Christchurch 8015, New Zealand
Navigation:
[Reply to this message]
|