<p>Your message could not be encrypted, so has not been sent.
<p>Sorry.";
}
?>
In order to make this code work for you, you will need to change a few things. Email will be
sent to the address in $to_email.
The line
putenv("GNUPGHOME=/tmp/.gnupg");
will need to be changed to reflect the location of your GPG keyring. On our system, the Web
server runs as the user nobody, and has the home directory /tmp/.
We are using the function tempnam() to create a unique temporary filename. You can specify
both the directory and a filename prefix. We are going to create and delete these files in around
one second, so it is not very important what we call them. We are specifying a prefix of ‘pgp’,
but letting PHP use the system temporary directory.
The statement
$command = "/usr/local/bin/gpg -a ".
"--recipient 'Luke Welling <luke@tangledweb.com.au>' ".
"--encrypt -o $outfile $infile";
sets up the command and parameters that will be used to call gpg. It will need to be modified
to suit you. As when we used GPG on the command line, you need to tell it which key to
use to encrypt the message.
The statement
system($command, $result);
executes the instructions stored in $command and stores the return value in $result.
We could ignore the return value, but it lets us have an if statement and tell the user that
something went wrong.
When we have finished with the temporary files that we use, we delete them using the
unlink() function. This means that our user’s unencrypted email is being stored on the server
for a short time. It is even possible that if the server failed during execution, the file could be
left on the server.
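One way to avoid leaving the unencrypted message on disk, shown as an added example rather than the book's own listing: the plaintext is piped to gpg on standard input with proc_open() and the ciphertext is read back from standard output, so no temporary files are created. The function name gpg_encrypt() and the sample message are assumptions, and the code is written for a current PHP release; the gpg path, keyring location and recipient are the ones used above.

```php
<?php
// Added example, not the book's listing. Paths are the ones used in the text;
// adjust them for your own system.
function gpg_encrypt(string $plaintext, string $recipient,
                     string $gpg = '/usr/local/bin/gpg',
                     string $gnupg_home = '/tmp/.gnupg'): ?string
{
    // escapeshellarg() keeps the key name from being interpreted by the shell.
    $command = $gpg . ' --batch --no-tty -a'
             . ' --recipient ' . escapeshellarg($recipient)
             . ' --encrypt';

    $descriptors = [
        0 => ['pipe', 'r'],   // gpg reads the plaintext from stdin
        1 => ['pipe', 'w'],   // armored ciphertext comes back on stdout
        2 => ['pipe', 'w'],   // diagnostics on stderr
    ];
    // Pass GNUPGHOME to this one process instead of calling putenv().
    $env = ['GNUPGHOME' => $gnupg_home];

    $process = proc_open($command, $descriptors, $pipes, null, $env);
    if (!is_resource($process)) {
        return null;
    }

    // Suitable for form-sized messages: all input is written before reading.
    fwrite($pipes[0], $plaintext);
    fclose($pipes[0]);
    $ciphertext = stream_get_contents($pipes[1]);
    $errors     = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    $status = proc_close($process);   // gpg's exit code, 0 on success

    if ($status !== 0 || $ciphertext === '' || $ciphertext === false) {
        error_log('gpg failed (exit ' . $status . '): ' . trim((string) $errors));
        return null;
    }
    return $ciphertext;
}

// Constructed sample message standing in for the submitted form text.
$encrypted = gpg_encrypt("Please call me about my order.\n",
                         'Luke Welling <luke@tangledweb.com.au>');
if ($encrypted === null) {
    echo "<p>Your message could not be encrypted, so has not been sent.\n";
} else {
    echo "<p>Encrypted message is " . strlen($encrypted) . " bytes.\n";
}
```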
Chapter 15: Implementing Secure Transactions with PHP and MySQL
LISTING 15.2 Continued










