CODEWITHSUNDEEP
phpcodeigniterencryption
Rakesh
Rakesh

Reputation: 213

codeigniter url encrypt not working

<a href="<?php echo base_url().'daily_report/index/'.$this->encrypt->encode($this->session->userdata('employee_id')) ?>">

i have encrypted the above url using the codeigniter encrypt i set the encryption key in codeigniter config file

$config['encryption_key'] = 'gIoueTFDwGzbL2Bje9Bx5B0rlsD0gKDV';

and i called in the autoload

$autoload['libraries'] = array('session','form_validation','encrypt','encryption','database');

when the ulr(href) load into the url it look like this

http://localhost/hrms/daily_report/index/FVjGcz4qQztqAk0jaomJiAFBZ/vKVSBug1iGPQeKQCZ/K7+WUE4E/M9u1EjWh3uKTKeIhExjGKK1dJ2awL0+zQ==

but the url is not decoded, and i;m not getting the employee_id it shows empty.

public function index($employee_id) {
        $save_employee_id = $employee_id;
        // decoding the encrypted employee id
        $get_employee_id = $this->encrypt->decode($save_employee_id);
        echo $employee_id; // answer: FVjGcz4qQztqAk0jaomJiAFBZ
        echo "<br>";
        echo $get_employee_id; // is display the null
        echo "<br>";

        exit();
        // get the employee daily report
        $data['get_ind_report'] =           $this->daily_report_model->get_ind_report($get_employee_id);
        // daily report page
        $data['header'] = "Daily Report";
        $data['sub_header'] = "All";
        $data['main_content'] = "daily_report/list";
        $this->load->view('employeelayout/main',$data);
    }

complete url(3) is

FVjGcz4qQztqAk0jaomJiAFBZ/vKVSBug1iGPQeKQCZ/K7+WUE4E/M9u1EjWh3uKTKeIhExjGKK1dJ2awL0+zQ==

it shows only

FVjGcz4qQztqAk0jaomJiAFBZ

i tried to change in the

$config['permitted_uri_chars'] = 'a-zA-Z 0-9~%.:_\-@=+';

by / in the permitted uri chars but it throwing error So, i need to encryption the $id in the url using the codeigniter encrypt class and decrypt in the server side to get the actual $id, So that i fetch data from the DB. any help would be appreciated

Upvotes: 1

Views: 4947

Answers (3)

Kamran
Kamran

Reputation: 2741

You have to extend encryption class and avoid the / to get it working. Place this class in your application/libraries folder. and name it as MY_Encrypt.php.

class MY_Encrypt extends CI_Encrypt
{
    /**
     * Encodes a string.
     * 
     * @param string $string The string to encrypt.
     * @param string $key[optional] The key to encrypt with.
     * @param bool $url_safe[optional] Specifies whether or not the
     *                returned string should be url-safe.
     * @return string
     */
    function encode($string, $key="", $url_safe=TRUE)
    {
        $ret = parent::encode($string, $key);

        if ($url_safe)
        {
            $ret = strtr(
                    $ret,
                    array(
                        '+' => '.',
                        '=' => '-',
                        '/' => '~'
                    )
                );
        }

        return $ret;
    }

    /**
     * Decodes the given string.
     * 
     * @access public
     * @param string $string The encrypted string to decrypt.
     * @param string $key[optional] The key to use for decryption.
     * @return string
     */
    function decode($string, $key="")
    {
        $string = strtr(
                $string,
                array(
                    '.' => '+',
                    '-' => '=',
                    '~' => '/'
                )
        );

        return parent::decode($string, $key);
    }
}

Upvotes: 2

codefire
codefire

Reputation: 391

This is happening as the character "/" is part of html uri delimiter. Instead you can work around it by avoiding that character in html url by rawurlencoding your encrytion output string before attaching it to url.

\edit:

I tried rawurlencode, but wasn't able to get the proper output.

Finally succeeded by using this code. Define two functions:

function hex2str( $hex ) {
  return pack('H*', $hex);
}

function str2hex( $str ) {
  return array_shift( unpack('H*', $str) );
}

Then use call str2hex and pass it the encrypted user id to convert encrypted string into hexcode. Reverse the process to get the correct string so that you can decrypt it.

I was able to properly encode and decode:

"FVjGcz4qQztqAk0jaomJiAFBZ/vKVSBug1iGPQeKQCZ/K7+WUE4E/M9u1EjWh3uKTKeIhExjGKK1dJ2awL0+zQ=="

to:

"46566a47637a3471517a7471416b306a616f6d4a694146425a2f764b56534275673169475051654b51435a2f4b372b57554534452f4d397531456a576833754b544b65496845786a474b4b31644a3261774c302b7a513d3d"

The url would become rather long though.

Upvotes: 0

user6202450
user6202450

Reputation: 

FVjGcz4qQztqAk0jaomJiAFBZ/vKVSBug1iGPQeKQCZ/K7+WUE4E/M9u1EjWh3uKTKeIhExjGKK1dJ2awL0+zQ==

Shows

FVjGcz4qQztqAk0jaomJiAFBZ

If you look at your url closely, you could see that after the result which has been shown there is a '/' . Now any string after that will be treated as another segment. Hence it could not decode. The encrypt library in this case would not work.

Either you stop passing that through the URL or use another different technique base_encode().

Hope that helps

Upvotes: 1

Related Questions