duanban4769 2019-08-16 17:59
浏览 39
已采纳

屏蔽自动递增主键

Currently I have a mysql table that displays information about job opportunities. I have an auto incrementing primary key and I want to encode so it isn't easily recognizable.

So the key "1" would be converted into something short like "AE93DZ". So for URL purposes it isn't something like somesite.com/view/1

Primary Key Unique Id   |   Job Name
1                       | Gardening at X
2                       | Dishwasher at Y
3                       | Etc
4                       | Etc

The primary key needs to be able to be decoded back into it's original key so I can search the database, eg if the user were to click the post then it needs to pull up that job post.

I have tried using Base64 encoding the key.

public static function encode( $input )
{
    $salt= "example_salt";
    $encrypted_id = base64_encode($input . $salt);;
    return $encrypted_id;
}

public static function decode( $raw )
{
    $salt = "example_salt";
    $decrypted_id_raw = base64_decode($raw);
    $decrypted_id = preg_replace(sprintf('/%s/', $salt), '', $decrypted_id_raw);
    return $decrypted_id;
}

The encryption returns something like

OE1ZX1SKJS3KSJNMg==

which is too long and contains "=" signs.

  • 写回答

2条回答 默认 最新

  • dongxi5494 2019-08-16 18:17
    关注

    I though that changing the base of the ID and add a offset could give you a nice short way to obfuscate the id. Something like this:

    function obfuscate($number)
{
    $offset = 12345678;
    return strtoupper(base_convert($number + $offset, 10, 36));
}

function deobfuscate($code)
{
    $offset = 12345678;
    return base_convert($code, 36, 10) - $offset;
}

    Here 1 would become 7CLZJ and 9999 would become 7CTP9. The codes are guaranteed to be unique. By converting to base 36 the code would only contain the number 0...9 and the letters A....Z.

    Simple but effective. Please make the $offset a field in your class.

    This only moves you away from the simple numbers of the id, it does in no way help to secure the id.

    If you think that the sequential numbers in base 36 are a problem you can add a factor. For instance the prime number 5197. Like this:

    function obfuscate($number)
{
    $offset = 73074643;
    $factor = 5197;
    return strtoupper(base_convert($factor * $number + $offset, 10, 36));
}

function deobfuscate($code)
{
    $offset = 73074643;
    $factor = 5197;
    return intdiv(base_convert($code, 36, 10) - $offset, $factor);
}

    Which will make it a lot harder to see any logic in the numbering:

    1 = 17ICRK 
2 = 17IGRX 
3 = 17IKSA 
4 = 17IOSN 
5 = 17IST0
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 Pwm双极模式H桥驱动控制电机
  • ¥30 这是哪个作者做的宝宝起名网站
  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题