encrypting address bar string with php
 

I need to encrypt a string in the status bar so that I can pass

?string=798&Wwehkl3elkjdslade

instead of something like

?info1=true&info2=false&info3=true

NOW....

I need to know what encrypting language I need to use..

I was gonna use mcrypt... but it seems des and all the other encrypting things I used create some weird characters... I need to pass it through the browser address bar, so it needs to be numbers and letters...

can anyone guide me with this please?

for what purpose?

.

Will urlencode() work?

I wanna build a page where I pass my page's options through the url.... BUT, I don't want to have the surfers able to modify the page by changing what's in the top

I believe urlencode is only to change spaces with something else or something.....

urlencode the results the crypt returns.

Edit: On second thought, this is a really dumb suggestion. Don't bother with this at all - use sessions for this. It's a much better way of doing what you want.

Cheers,
Backov

hey backov...

yeah, that's what I was thinking...

but it makes a huge freakin' url though LOL....

there's no encryption/decryption package that uses letters and numbers only?

I'm a rookie at php my friend ;)

what do you mean with sessions..

you mean session_encode ?

Use Sessions :thumbsup

Use a hash of the values combined with a secret key.

var1=foo&var2=bar&var3=baz&key=3837s7743

in the php, do something like.
generate key:
$key = crypt("var1=foo&bar2=bar&var3=baz" . $mysecretkey)

check:
if ($key == crypt("var1=$var1&var2=$var2&var3=$var3" . $mysecretkey)) { // good value }
else {
//bad value, someone chaned something
}

Unless they know your secret key, they can't
change the values, without screwing up the
key. (which is basically just a checksum
of the values they originally had)

Of course, sessions is probably a better solution.
And if you're sure the users support cookies,
they can be done through cookies alone,
not using the ugly urls.

found this randomly online

http://codewalkers.com/tutorials.php?show=32

read it

yeah, the key thing is a solution :)

thanks for all the info guys... will find it out I guess ;)

encrypt it with mcrytp, the use bin2hex and pass the hex value .. then use hex2bin before you unencrypt it

here .. bin2hex is built in

function encrypt($key, $data)
{
$plain_text = trim($data);
$iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB));
$c_t = mcrypt_encrypt (MCRYPT_CAST_256, $key, $plain_text, "cfb", $iv);
return trim(chop(base64_encode($c_t)));
}


function decrypt($key, $c_t)
{
$c_t = trim(chop(base64_decode($c_t)));
$iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB));
$p_t = mcrypt_decrypt (MCRYPT_CAST_256, $key, $c_t, "cfb", $iv);
return trim(chop($p_t));
}

function hex2bin($data) {
$len = strlen($data);
for ($i=0;$i<$len;$i+=2) {
$newdata .= pack("C",hexdec(substr($data,$i,2)));
}
return $newdata;
}

xroach, thanks a lot dude...

that made my day ;)

no worries :thumbsup