php安全密码生成器

Question

我一直在玩密码生成器，但我的php最好是......平庸。周围有很多密码生成器功能示例，所以我从那里开始。我偶然发现了生成器和用户输入之间的接口，但可以使用一些建议来清理它。

我想要一个密码长度的默认值，但如果我设置一个说14使用值= 14我似乎无法手动更改它。 在我生成密码之前，显示密码的边框非常小，如何设置密码呢？

正在使用从表单到函数的帖子，然后用野兽方式将它带回来吗？

只是想学习！

的index.php

<?php
session_start();
?>
<!doctype html>
<head>
  <title>Password Generator</title>
</head>




      <h1>Password Generator</h1>
      <p>Just a basic password generator.</p>
      <form method="post" action="./pass.php">
      <table>
          <tr>
              <td colspan="2"><h3>Select Characters</h3></td>
          </tr>
          <tr>
              <td colspan="2"><input checked="checked" type="checkbox" name="alpha" /> Lowercase A-Z</td>
          </tr>
          <tr>
              <td colspan="2"><input checked="checked" type="checkbox" name="alpha_upper" /> Uppercase A-Z</td>
          </tr>
          <tr>
              <td colspan="2"><input checked="checked" type="checkbox" name="numeric" /> Numbers (0-9)</td>
          </tr>
          <tr>
              <td colspan="2"><input checked="checked" type="checkbox" name="special" /> Special Characters (.-+=_,!@$#*%<>[]{})</td>
          </tr>
          <tr>
              <td colspan="2"><h3 style="margin: 20px 0;">Password Length</h3></td>
          </tr>
          <tr>
              <td colspan="2"><input type="text" name="length" size="2" maxlength="2" /></td>
          </tr>
          <tr>
              <td colspan="2"><input type="submit" value="Generate" /></td>
          </tr>
          <tr>
              <td colspan="2">
                  <div style="padding: 20px 0;">
                      <div>Your Password:</div>

                    <div style='border:1px black solid; font-size: 14px; font-family: monospace; padding:3px; color:#000; background-color: #D2E0E6; margin: 0;'>
                        <?php
                        echo $_SESSION['password'];
                        ?>
                    </div>

</div>
<?php
session_destroy();
?>
              </td>
          </tr>
      </table>
    </form>

</body>
</html>

pass.php

<?php
$alpha = "abcdefghijklmnopqrstuvwxyz";
$alpha_upper = strtoupper($alpha);
$numeric = "0123456789";
$special = ".-+=_,!@$#*%<>[]{}";
$chars = "";

if (isset($_POST['length'])){
    if (isset($_POST['alpha']) && $_POST['alpha'] == 'on')
        $chars .= $alpha;

    if (isset($_POST['alpha_upper']) && $_POST['alpha_upper'] == 'on')
        $chars .= $alpha_upper;

    if (isset($_POST['numeric']) && $_POST['numeric'] == 'on')
        $chars .= $numeric;

    if (isset($_POST['special']) && $_POST['special'] == 'on')
        $chars .= $special;

    $length = $_POST['length'];
}else{
    $chars = $alpha . $alpha_upper . $numeric;
    $length = 9;
}

$len = strlen($chars);
$pw = '';

for ($i=0;$i<$length;$i++)
        $pw .= substr($chars, rand(0, $len-1), 1);

$pw = str_shuffle($pw);

session_start();
$_SESSION['password'] = $pw;

header("Location: index.php");
die();

?>