How to encrypt the $_GET data in php?

2020-06-06 07:45发布

站内问答 / PHP
1574 3 4

As in php we use $_GET to pass variables in the url , i want to pass variables which include the id of the user which i want to be anonymous, so can something be done which can encrypt the variable before passing it and the the variable once taken on the page can be decrypted to get the original variable value.

for eg:

Before passing variable $id=10;

Passed in the url as $id=dasfgjg;

when taken from the url and decrypted $id=10;

How can this be achieved?

3条回答
够拽才男人
2楼-- · 2020-06-06 08:00

You can use an RC4 cipher if you intend to encrypt/decrypt only on the server-side

http://www.phpkode.com/source/s/rc4-cipher-0-1/rc4-cipher-0-1/RC4.php

$my_secret_key = '3klmsd94mms.saeo44o!!3le';

if( isset($_GET['p']) ) {
  $id = RC4::decrypt($my_secret_key, $_GET['p']);
  // ....
}
else {
  echo '<a href="/?p='.RC4::encrypt($my_secret_key, 12).'">Go to the page</a>';
}
查看更多
0人赞 添加讨论(0) 举报
该账号已被封号
3楼-- · 2020-06-06 08:03

Just generate random strings (make sure it's unique) for each record in the database and save it there, too. Then use this as an identifier. Note that, of course, this has nothing to do with encryption.

查看更多
0人赞 添加讨论(0) 举报
我欲成王,谁敢阻挡
4楼-- · 2020-06-06 08:10

A quick and dirty way to achieve this (for each request)

  • on the client, create a string like 'xx:10:yy' where xx and yy are strings consisting pf random characetrs
  • on the client, create a salted hash of the users salted/hashed password
  • use this hash as a key and the string from the first bullet as cleartext for encryption with e.g. crypt.js
  • in the request send the encrypted string and the salt
  • on the server use the transmited salt and the users salted/hashed password to recover the key
  • on the server use mcrypt or friends to decrypt the string
  • on the server use standard PHP text processing functions to recover the payload from the decrypted string
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)