duanban4769 2019-08-16 17:59
浏览 39
已采纳

屏蔽自动递增主键

Currently I have a mysql table that displays information about job opportunities. I have an auto incrementing primary key and I want to encode so it isn't easily recognizable.

So the key "1" would be converted into something short like "AE93DZ". So for URL purposes it isn't something like somesite.com/view/1

Primary Key Unique Id   |   Job Name
1                       | Gardening at X
2                       | Dishwasher at Y
3                       | Etc
4                       | Etc

The primary key needs to be able to be decoded back into it's original key so I can search the database, eg if the user were to click the post then it needs to pull up that job post.

I have tried using Base64 encoding the key.

public static function encode( $input )
{
    $salt= "example_salt";
    $encrypted_id = base64_encode($input . $salt);;
    return $encrypted_id;
}

public static function decode( $raw )
{
    $salt = "example_salt";
    $decrypted_id_raw = base64_decode($raw);
    $decrypted_id = preg_replace(sprintf('/%s/', $salt), '', $decrypted_id_raw);
    return $decrypted_id;
}

The encryption returns something like

OE1ZX1SKJS3KSJNMg==

which is too long and contains "=" signs.

  • 写回答

2条回答 默认 最新

  • dongxi5494 2019-08-16 18:17
    关注

    I though that changing the base of the ID and add a offset could give you a nice short way to obfuscate the id. Something like this:

    function obfuscate($number)
{
    $offset = 12345678;
    return strtoupper(base_convert($number + $offset, 10, 36));
}

function deobfuscate($code)
{
    $offset = 12345678;
    return base_convert($code, 36, 10) - $offset;
}

    Here 1 would become 7CLZJ and 9999 would become 7CTP9. The codes are guaranteed to be unique. By converting to base 36 the code would only contain the number 0...9 and the letters A....Z.

    Simple but effective. Please make the $offset a field in your class.

    This only moves you away from the simple numbers of the id, it does in no way help to secure the id.

    If you think that the sequential numbers in base 36 are a problem you can add a factor. For instance the prime number 5197. Like this:

    function obfuscate($number)
{
    $offset = 73074643;
    $factor = 5197;
    return strtoupper(base_convert($factor * $number + $offset, 10, 36));
}

function deobfuscate($code)
{
    $offset = 73074643;
    $factor = 5197;
    return intdiv(base_convert($code, 36, 10) - $offset, $factor);
}

    Which will make it a lot harder to see any logic in the numbering:

    1 = 17ICRK 
2 = 17IGRX 
3 = 17IKSA 
4 = 17IOSN 
5 = 17IST0
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 unity第一人称射击小游戏,有demo,在原脚本的基础上进行修改以达到要求
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?
  • ¥15 加热介质是液体,换热器壳侧导热系数和总的导热系数怎么算
  • ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
  • ¥15 cmd cl 0x000007b
  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line