CODEWITHSUNDEEP
phpcodeigniter
stormrage
stormrage

Reputation: 230

How to secure variable send through URL?

I'm using PHP and CI framework, I want to send variable through URL but I want it to be somewhat encrypted.

For example i want to send variable named id:

www.trythis.com/site?id=123

I want it to be

www.trythis.com/site?id=VkxSiOW31S

The encrypted text is just an example. How can I do that? or is there CI function that can do this?

Note: I already try base64_encode but it somehow can't be used in CI due to its special characters such as ==.

Upvotes: 1

Views: 183

Answers (2)

MH2K9
MH2K9

Reputation: 12039

CodeIgniter has Encryption Class. You can use that class to encrypt and decrypt. To configure follow the steps

  1. Setting your Key

    $config['encryption_key'] = "YOUR KEY";

  2. Initializing the Class

    $this->load->library('encrypt');

To encode use

$id = '123';
$encrypted_id = $this->encrypt->encode($id);
//$url = 'www.trythis.com/site?id=' . $encrypted_id;

And to decode

//$encrypted_id = $_GET['id'];
$decrypted_id = $this->encrypt->decode($encrypted_id);

Upvotes: 1

user2755150
user2755150

Reputation:

I made this class for the same purpose:

class Cypher
{

    public $encrypted;
    public $decrypted;

    public function __construct($_value) {

        $this->encrypted = $this->encrypting($_value);
        $this->decrypted = $this->decrypting($_value);

    }

    private function encrypting($_value) {

        $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");
        $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
        $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
        $utf8 = utf8_encode($_value);
        $cipher = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $utf8, MCRYPT_MODE_CBC, $iv);
        $cipher = $iv.$cipher;
        $base64 = base64_encode($_value);

        return $base64;

    }

    private function decrypting($_value) {

        return base64_decode($_value);

    }

}

Let's try your example:

$cypher = new Cypher('123');

header("location: www.trythis.com/site?id=".$cypher -> encrypted);

On www.trythis.com/site page:

$id = isset($_GET['id']) ? new Cypher($_GET['id']) : "";

echo $id -> decrypted;

Upvotes: 0

Related Questions