php mcrypt_decrypt()问题

I'm passing information from one page another with following php code..

Index.php page:

<?php
include("secure/content/database/db.php");
$sql = mysql_query("SELECT * FROM press");
while($re =  mysql_fetch_array($sql))
{   


$id= (int) $re['id'];                   

$key = "bladeyeshibbir?1%59";

$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)       

$encrypted_data=mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $id, MCRYPT_MODE_ECB, $iv);

$id = urlencode(base64_encode($encrypted_data));

$page = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));
echo "<li><a href='press.php?id=$id&request=$md'>$page</a></li>";
            }

            ?>

Press.php page

<?php
include("secure/content/database/db.php");
include("header.php");

$id = $_REQUEST["id"];
$key = "bladeyeshibbir?1%59#";

$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)       

$decrypted_data=mcrypt_decrypt(MCRYPT_3DES, $key, $id, MCRYPT_MODE_CBC, $iv); 
$url_id = base64_decode(urldecode($decrypted_data));

$request = $_REQUEST['request'];

$sql = mysql_query("SELECT * FROM press WHERE id='$url_id'  ");
$re = mysql_fetch_array($sql);

$pagename = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));  

echo "<title>$pagename</title>";

echo $content;

include("fotter.php");

?>  

BUT I'm getting this error:

Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: Attempt to use an empty IV, which is NOT recommend in C:\xampp\htdocs\audock\press.php on line 10.

Actually, what I want is that the user can't see the actual value of the query string variable.

查看全部
douduan5753
douduan5753
2012/03/11 14:01
  • php
  • 点赞
  • 收藏
  • 回答
    私信
满意答案
查看全部

2个回复