|Last Updated|| ||Ratings|| ||Unique User Downloads|| ||Download Rankings|
|2019-07-08 (7 days ago) ||Not enough user ratings||Total: 160 This week: 12||All time: 313 This week: 2|
This package implements a chat system that exchanges encrypted messages.
Users can send messages to the peers over a network using AJAX requests.
The messages are encrypted with a previously agreed password between the peers.
The messages are stored encrypted in the server database using PHP.
Prize: One ebook of choice by Packt
|Since Eduard Snowden has disclosed that many people communications were being intercepted, many users become worried with whether they were being tapped on the Internet.
Several solutions appeared to provide end-to-end encryption of messages exchanged between users.
This package provides a solution to chat between two users that uses a secret key to encrypt the messages.
Even though messages are stored on the server database, it is not possible to decrypt the messages without using the password that only the users have on the browser side.
Uses a previously agreed password with the recipient, avoiding any initial key exchange across a network.
- Lightweight (45kB).
- POST AJAX used (GET AJAX data would be recorded in server logs).
- SHA-256-hashed key.
- Blowfish cipher in CBC-mode (base64 display overlays binary-encrypted data).
- Messages stored encrypted in the database.
- Clone the repository / extract the file archive into a suitable directory in the server's web directory.
- On *nix servers, set appropriate file ownership on this directory.
- Edit the configuration section details in /install.php (line 18 onwards): username, passwords, database, host etc.
- Edit the constants in /classes/cchat.class.php (line 18 onwards) to be identical to those in /install.php
- Run /install.php through your server (which, if you have root MySQL access, should mean set-up is complete ...
- View CChat's /index.php in a browser, which if install.php ran correctly, should display without connection errors to the server.
- Alter the timezone if required: /index.php (line 5):
- message display
- your name
- your password (use a strong password, previously agreed, to share messages with a recipient)
- your message
The decrypt button will decrypt existing encrypted messages in field 1, if the correct password is present in field 2.
Enter your name in field 2, password in field 3, and a message in field 4, then click the chat button.
A page refresh (encrypted messages displayed) or the wrong password will result in gibberish displayed in field 1.
The AJAX polling is 6 seconds between server checks for new messages (change the
iCheckFreq variable (in microseconds) /js/cchat.js (line 17)).
The last hour's messages are displayed in field 1 (change the
MESSAGE_BUFFER constant /classes/cchat.class.php (line 24)).
Character Set Limitation
- Intermittent duplicate message bug (refresh page and it disappears): /js/cchat.js (line 294).
- Some intermittent line break character removal when using Linux and Windows browser clients together.
- Matthew of JS Classes for testing / revision suggestions.
- Karl, who asked me to create a 'shoutbox' in 2010.
- To God (I narrowly escaped death in 1992).
- To Sofia.
CChat is released under the GPL v.3.
Won a JS Classes Innovation Award (August 2016).
||Applications that use this package
No pages of applications that use this class were specified.
If you know an application of this package, send a message to the author to add a link here.