Jump to content

bad loop?


The Little Guy

Recommended Posts

I don't know why It is doing this, here is the page:

http://iconnect.publicsize.com/functions

 

The first two lines are the code, and the third line, is the output of the following function.

<?php
function encode($str){
global $encodeTxtArr,$encodeNumArr;
$str = str_split($str);
$st = array();
foreach($str as $val){
	$st[] = preg_replace($encodeTxtArr,$encodeNumArr,$val);
}
$st = implode(" ",$st);
return str_replace("~","",$st);
}
?>

 

The problem is, that the output for hello, should only be 10 chars in length, but as you can see... it is about 10 times longer.

Link to comment
Share on other sites

The problem is probably in $encodeNumArr. You are replaceing something with more characters than is searched. You are using it on a single character, anyway, so the replacement is each character. If you count the number of spaces in the output, it works for the number of letters in the input string. "h" is being turned into "757527513757575847575". Maybe post those global variables if you can't figure it out.

Link to comment
Share on other sites

Here are the two global variables:

 

<?php
$encodeTxtArr = array(
'~a~','~b~','~c~','~d~','~e~','~f~','~g~','~h~','~i~','~j~','~k~','~l~','~m~','~n~','~o~','~p~','~q~','~r~','~s~','~t~','~u~','~v~','~w~','~x~','~y~','~z~',
'~A~','~B~','~C~','~D~','~E~','~F~','~G~','~H~','~I~','~J~','~K~','~L~','~M~','~N~','~O~','~P~','~Q~','~R~','~S~','~T~','~U~','~V~','~W~','~X~','~Y~','~Z~',
'~1~','~2~','~3~','~4~','~5~','~6~','~7~','~8~','~9~','~0~',
'~\`~','~\~~','~\!~','~\@~','~\#~','~\$~','~\%~','~\^~','~\&~','~\*~','~\(~','~\)~','~\-~','~\_~','~\=~','~\+~','~\[~','~\]~','~\\\~','~\{~','~\}~','~\|~','~\;~','~\'~','~\:~','~\"~','~\,~','~\.~','~\/~','~\<~','~\>~','~\?~','~ ~'
);
$encodeNumArr = array(
'~31~','~58~','~17~','~93~','~40~','~74~','~50~','~28~','~60~','~87~','~63~','~59~','~26~','~66~','~15~','~10~','~20~',
'~37~','~25~','~35~','~53~','~56~','~12~','~65~','~57~','~43~','~27~','~61~','~19~','~23~','~69~','~68~','~83~','~47~',
'~06~','~09~','~81~','~73~','~29~','~44~','~55~','~79~','~92~','~39~','~62~','~01~','~90~','~76~','~95~','~34~','~42~',
'~49~','~46~','~24~','~78~','~13~','~21~','~05~','~94~','~84~','~07~','~03~','~82~','~75~','~77~','~41~','~70~','~88~',
'~54~','~02~','~85~','~38~','~14~','~08~','~71~','~18~','~64~','~45~','~04~','~89~','~11~','~51~','~80~','~86~','~30~',
'~48~','~32~','~36~','~52~','~16~','~22~','~33~','~00~','~67~','~72~');
?>

Link to comment
Share on other sites

<?php
$encodeTxtArr = array(
'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z',
'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z',
'1','2','3','4','5','6','7','8','9','0',
'`','~','!','@','#','$','%','^','&','*','(',')','-','_','=','+','[',']','\\','{','}','|',';','\'',':','"',',','.','/','<','>','?',' '
);
$encodeNumArr = array(
'31','58','17','93','40','74','50','28','60','87','63','59','26','66','15','10','20',
'37','25','35','53','56','12','65','57','43','27','61','19','23','69','68','83','47',
'06','09','81','73','29','44','55','79','92','39','62','01','90','76','95','34','42',
'49','46','24','78','13','21','05','94','84','07','03','82','75','77','41','70','88',
'54','02','85','38','14','08','71','18','64','45','04','89','11','51','80','86','30',
'48','32','36','52','16','22','33','00','67','72'
);


function encode($str){
global $encodeTxtArr,$encodeNumArr;
return str_replace($encodeTxtArr,$encodeNumArr,$str);
}
?>

 

now hi returns: 2138403503... it should return a four digit number

Link to comment
Share on other sites

That is weird. When I use simpler code such as:

<?php
$encodeTxtArr = range('a', 'z');
$encodeNumArr = range(1,26);
print str_replace($encodeTxtArr,$encodeNumArr,'a');
?>

It prints 1

 

Here is the code I wrote:

<?php
$encodeTxtArr = array_merge(range('a', 'z'), range('A','Z'), array('!', '@', '[', ']', '(', ')', '.'));
$encodeNumArr = array(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70);

$str = 'Hello this is a test. This sentence (which is long) has some special characters like [] and @!';
print $str.'<br />';
print str_replace($encodeTxtArr,$encodeNumArr,$str);
?>

Just rearrange the numbers to whatever values you want, add the rest of your special chars, and see how that works?

Here it is on my site:

http://grady.us/temp/test.php

Link to comment
Share on other sites

<?php
$encodeNumArr = array(
'31','58','17','93','40','74','50','28','60','87','63','59','26','66','15','10','20',
'37','25','35','53','56','12','65','57','43','27','61','19','23','69','68','83','47',
'06','09','81','73','29','44','55','79','92','39','62','01','90','76','95','34','42',
'49','46','24','78','13','21','05','94','84','07','03','82','75','77','41','70','88',
'54','02','85','38','14','08','71','18','64','45','04','89','11','51','80','86','30',
'48','32','36','52','16','22','33','00','67','72'
);



$encodeTxtArr = array_merge(range('a', 'z'), range('A','Z'), range('0','9'), array('`','~','!','@','#','$','%','^','&','*','(',')','-','_','=','+','[',']','\\','{','}','|',';','\'',':','"',',','.','/','<','>','?',' '));

function encode($str){
global $encodeTxtArr,$encodeNumArr;
return str_replace($encodeTxtArr,$encodeNumArr,$str);
}
?>

hi now returns this:

 

074070703421034

Link to comment
Share on other sites

OH - you're replacing the strings with numbers - and then replacing numbers with other numbers. So it replaces the 3 in 31 with the new number for 3. See?

I bet if you use my for loop instead of str_replace, it will work. Because it won't go back over the ones you've already replaced.

Link to comment
Share on other sites

You can leave the numbers there, but you cannot replace them with numbers. Hence your issue. May I ask why your trying to write your own encode function when they already exist within php?

 

I want to encode data, so... if for some reason, someone, some how finds a way to get to the database, they wont be able to decode it, even if they do know all the decode functions that there are within php, because on top of my encode function, I am going to add a php encode function, to make it more secure.

 

OH - you're replacing the strings with numbers - and then replacing numbers with other numbers. So it replaces the 3 in 31 with the new number for 3. See?

 

3 will have its own value, and 1 will have its own value, so... 31 could look like 8947

 

Ill try your loop...

Link to comment
Share on other sites

$encodeNumArr = array(1,2,3,4,5....

 

If the number digits for each replacment isn't equal to the number of characters you plan on replacing, won't it create problems with mistakes such as:

 

ab becoming 12?  This wouldn't be a problem if you were encrypting data one way, but in the same sense, what if someone typed l instead?

 

Maybe I missed something though.... I haven't read through all of the code on this thread ;p.

 

Ahhh I just saw your second code and this problem doesn't apply to that since all of the numbers are 2 digits ;p.

 

Anyway, The Little Guy (almost called you Little Guy, but that seemed odd.... ;p), why not just use salting?

 

For example:

 

Let's say you're encrypting a string called $str.

Let's also assume you're using md5.

 

md5 is still uncracked (as far as a I know) as far as it goes as a one way encryption algorithm.  This means that someone can't take the md5 hash d5cb0a35d6c7403fde7a4a9474db6407 and know it's corbin pre-encryption.  This does create a problem though because someone could try every letter until they get the hash (a, b.... aa, ab....).

 

But!  When you use salting, unless the person knows the salt, the letter combination to recreate the hash will be incorrect.

 

For example, let's say the hash of $str + $salt where salt is a salting string is $hash.  $str2 md5'd without salt could be equal to the hash of $str + $salt, but this wouldn't be valid when a script tried to validate the plain text of $str2 with the encrypted value of the string in your database, since the original strings are different.

 

Anyway, salting does have it's downside since someone could solve the hashes of the following to plain text:

 

string1abc123

string2abc123

string3abc123

 

Once they saw the pattern of something like that, they could safely assume that abc123 is salt, and string1 is the text they are after (in the first case).

 

 

But!  Imagine if you combined mutliple salts....

 

Imagine someone trying to crack:

 

md5(md5($str.$salt) . $salt2 . md5($str));

 

The plain text of that hash would be at least 65 characters assuming salt2 is 1 or more characters.

 

Assuming the original string is a-zA-Z0-10 then there are 62 characters each of the 65 characters could be, thus 65^62 possibilities.  Assuming that the correct string is the last one in the generated strings, it would take 65^62 tries to get the correct string (which is still salted, and this would repeat again)

 

65^62 = 6.5e+63 by the way.  Unless my math memory fails me (which it probably does) that's 6.5*10^63 which is 65 with 62 trailing zeroes.

 

Also, if you use something such as md5, you have the advantage of a static hash length.... That way, your database column can always be 32 characters, and you know if it's not 32 something is wrong.

 

Anyway, I'm done rambling now.

Link to comment
Share on other sites

I finally got it... I think... Well... It works any way, I can encode and decode

 

<?php
$encodeNumArr = array(
'31','58','17','93','40','74','50','28','60','87','63','59','26','66','15','10','20','37','25','35','53','56','12','65','57','43',
'27','61','19','23','69','68','83','47','06','09','81','73','29','44','55','79','92','39','62','01','90','76','95','34','42','49',
'46','24','78','13','21','05','94','84','07','03',
'82','75','77','41','70','88','54','02','85','38','14','08','71','18','64','45','04','89','11','51','80','86','30','48','32','36','52','16','22','33','00','67','72'
);



$encodeTxtArr = array_merge(range('a', 'z'), range('A','Z'), range('0','9'), array('`','~','!','@','#','$','%','^','&','*','(',')','-','_','=','+','[',']','\\','{','}','|',';','\'',':','"',',','.','/','<','>','?',' '));

function encode($str){
global $encodeTxtArr,$encodeNumArr;
$arrstr = implode("",$encodeTxtArr);
$strArr = str_split($str);
for($i=0; $i<strlen($str); $i++){
	$n = strpos($arrstr,$strArr[$i]);
	$newStr .= $encodeNumArr[$n];
}
return $newStr;
}
function decode($str){
global $encodeTxtArr,$encodeNumArr;
$strArr = str_split($str,2);
foreach($strArr as $val){
	$pos = array_search($val,$encodeNumArr);
	$newStr .= $encodeTxtArr[$pos];
}
return $newStr;
}
?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.