dongpi9494 2013-07-02 00:24
浏览 142

如何在网站URL中对内容ID号进行Imgur风格的混淆? (PHP和MySQL)

I'm trying to obfuscate the URLs to the pages where content is displayed. Content pages are displayed by getting the content id number as a GET variable in the URL. I want to obfuscate the URL (as is described by this SO post). I tried the methods in both answers but one method gave overly long codes, and the other gave overly predictable codes.

I'm working in PHP, and I'm using a MySQL table to store content; the content id is an automatically incrementing column. This means that if I didn't obfuscate my URLs users would be able to see in the URL exactly how many posts there are on the website, and could change the URL to see different posts. I want to avoid this.

I was hoping to have obfuscation similar to Imgur.com: their content ID codes are each a 5-character code containing letters, capital letters and lowercase letters.

  • 写回答

3条回答

  • drbouzlxb92333332 2013-07-02 01:06
    关注

    To avoid needing to do a bunch of "encrypting" and "decrypting" you can use a unique key-pair for each page. Add another field (VARCHAR 5) to your pages table called key and then randomly generate a key for each page.

    To generate the key you could crypt a random number

    function random_key(){
    $crypt = crypt(rand(0,9999999), 'Whatever you want to say here.');
    return substr($crypt, 0, 5);
}

    Which would result in a URL like ?page=55-so3ph (?page={$id}-{$key})

    And then to use it you can do something like

    <?php

if(empty($_GET['page']))
    die('missing ?page');

$page = explode('-', $_GET['page']);

if(count($page) != 2)
    die('invalid ?page');

list($page_id, $page_key) = $page;

if(!is_numeric($page_id))
    die('invalid page id');

$Post = your_query_method('SELECT * FROM pages WHERE id = ' . $page_id . ' AND key = "' . your_escape_function($page_key) . '"');

if(!$Post){
    header('Location: /invalid_page.html');
    exit;
}

//At this point we know that they ID key pair is correct
    评论

报告相同问题?

悬赏问题

  • ¥20 sub地址DHCP问题
  • ¥15 delta降尺度计算的一些细节,有偿
  • ¥15 Arduino红外遥控代码有问题
  • ¥15 数值计算离散正交多项式
  • ¥30 数值计算均差系数编程
  • ¥15 redis-full-check比较 两个集群的数据出错
  • ¥15 Matlab编程问题
  • ¥15 训练的多模态特征融合模型准确度很低怎么办
  • ¥15 kylin启动报错log4j类冲突
  • ¥15 超声波模块测距控制点灯,灯的闪烁很不稳定,经过调试发现测的距离偏大