Jump to content

[SOLVED] Url Encryption

l!m!t

By l!m!t
in PHP Coding Help

 Share

Recommended Posts

l!m!t Member

l!m!t

Posted
Posted

Hello everyone,

 

I am stuck on something hopefully someone can provide some quick help.

 

I have an array that I have converted to $_GET vars, since I was unable to register it as a session.

 

I want to encrypt the $url output, base_64 seems to easy to decrypt. I have mcrypt on my server, but am lost on how to decrypt the $_GET vars back into an array.

 

Can anyone provide a simple method to do this or an example, I basally only want to decrypt the encrypted vars and put them back into an array. I am not sure if mcrypt is even a solution. Any exaples or help would be great.

 

This is my code.

 

$comments_admin_array=array(
      'Test1' => $_REQUEST['Test1'],
      'Test2' => $_REQUEST['Test2'],
      'Test3' => $_REQUEST['Test3']);
        
$url = "";
foreach($comments_admin_array as $key => $value){
   
    if($url != ""){
        $url .= "&";
    }
    $url .= $key . "=" . $value;
}

?>
http://myurl.com?qd=<?=$url?>  // want to encrypt $url

 

Thanks.

 

Link to comment
https://forums.phpfreaks.com/topic/144247-solved-url-encryption/
Share on other sites
genericnumber1 Member

genericnumber1

Posted
Posted

Any encryption scheme that you are capable of decrypting is easy for someone else to decrypt. You can do something like serialize/base64/gzcompress, but it's still not secure. If you're going to be passing sensitive data, do it through POST, not GET. If it's not sensitive, what's wrong with a simple solution like base64?

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Since the original data is $_REQUEST (POST/GET/COOKIE) from the visitor anyway, there is no point in trying to encode/encrypt it for security reasons it because he was the source of it in the first place.

 

You should really just figure out what was wrong with your code using sessions because the more data you pass through the browser as POST/GET/COOKIE data, the slower your site will operate.

l!m!t Member

l!m!t

Posted
  • Author
Posted

Since the original data is $_REQUEST (POST/GET/COOKIE) from the visitor anyway, there is no point in trying to encode/encrypt it for security reasons it because he was the source of it in the first place.

 

You should really just figure out what was wrong with your code using sessions because the more data you pass through the browser as POST/GET/COOKIE data, the slower your site will operate.

 

Ah ok. Thanks, yeah this is the default action from the callback server, they send these $_REQUEST variables anyway. I think since the Callback is offsite is the reason my session doesn't register the variables. This is why I was using $_GET to processes them. Maybe a simple base_64 will work for my needs I was just hoping for something a little more encrypted.

 

Thanks for the help.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.