Problem passing encrypted values in url segments

Posted: 04 July 2008 03:41 AM

[ Ignore ]

Summer Student

Total Posts: 15

Joined 09-28-2007

I have an application that that needs an id to be passed as part of the URL. Due to security concerns I need to encrypt the id.

Current Scenario -


http://mysite/mycontroller/myfunction/5

Expected solution -


http://mysite/mycontroller/myfunction/XcvTr4YtddfRkouyt

The encrypted id will be decoded and used later.

I tried using the encrypt helper..the problem is that special characters are introduced and + or / is part of the encrypted string. This is throwing up all types of problems.

I have also tried to use htmlentities, urlencode, rawurlencode, htmlspecialcharacters as wrappers after encryption. Nothing seems to work as each of these allow the use of ‘/’.

Can someone guide me on what to do ?
Thanks in advance.

Signature

When in doubt…. Run.

Profile

Pascal Kriete

Posted: 04 July 2008 05:48 AM

[ Ignore ] [ # 1 ]

Administrator

Total Posts: 3103

Joined 01-07-2008

Encrypt uses base64_encode before returning the string, so basically, you need to replace all the offending characters with something that isn’t in the base64 alphabet (and is allowed in a url), and then replace it back before decoding it.

$encoded = $this->encrypt->encode....
$encoded = strtr($encoded, '+/=', '-_,');

// And back again
$decoded = strtr($encoded, '-_,', '+/=');
$decoded = $this->encrypt->decode... 