duanban4769 2019-08-16 17:59
浏览 39
已采纳

屏蔽自动递增主键

Currently I have a mysql table that displays information about job opportunities. I have an auto incrementing primary key and I want to encode so it isn't easily recognizable.

So the key "1" would be converted into something short like "AE93DZ". So for URL purposes it isn't something like somesite.com/view/1

Primary Key Unique Id   |   Job Name
1                       | Gardening at X
2                       | Dishwasher at Y
3                       | Etc
4                       | Etc

The primary key needs to be able to be decoded back into it's original key so I can search the database, eg if the user were to click the post then it needs to pull up that job post.

I have tried using Base64 encoding the key.

public static function encode( $input )
{
    $salt= "example_salt";
    $encrypted_id = base64_encode($input . $salt);;
    return $encrypted_id;
}

public static function decode( $raw )
{
    $salt = "example_salt";
    $decrypted_id_raw = base64_decode($raw);
    $decrypted_id = preg_replace(sprintf('/%s/', $salt), '', $decrypted_id_raw);
    return $decrypted_id;
}

The encryption returns something like

OE1ZX1SKJS3KSJNMg==

which is too long and contains "=" signs.

  • 写回答

2条回答 默认 最新

  • dongxi5494 2019-08-16 18:17
    关注

    I though that changing the base of the ID and add a offset could give you a nice short way to obfuscate the id. Something like this:

    function obfuscate($number)
    {
        $offset = 12345678;
        return strtoupper(base_convert($number + $offset, 10, 36));
    }
    
    function deobfuscate($code)
    {
        $offset = 12345678;
        return base_convert($code, 36, 10) - $offset;
    }
    

    Here 1 would become 7CLZJ and 9999 would become 7CTP9. The codes are guaranteed to be unique. By converting to base 36 the code would only contain the number 0...9 and the letters A....Z.

    Simple but effective. Please make the $offset a field in your class.

    This only moves you away from the simple numbers of the id, it does in no way help to secure the id.

    If you think that the sequential numbers in base 36 are a problem you can add a factor. For instance the prime number 5197. Like this:

    function obfuscate($number)
    {
        $offset = 73074643;
        $factor = 5197;
        return strtoupper(base_convert($factor * $number + $offset, 10, 36));
    }
    
    function deobfuscate($code)
    {
        $offset = 73074643;
        $factor = 5197;
        return intdiv(base_convert($code, 36, 10) - $offset, $factor);
    }
    

    Which will make it a lot harder to see any logic in the numbering:

    1 = 17ICRK 
    2 = 17IGRX 
    3 = 17IKSA 
    4 = 17IOSN 
    5 = 17IST0 
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 如何解决蓝牙通话音频突发失真问题
  • ¥15 安装opengauss数据库报错
  • ¥15 【急】在线问答CNC雕刻机的电子电路与编程
  • ¥60 在mc68335芯片上移植ucos ii 的成功工程文件
  • ¥15 笔记本外接显示器正常,但是笔记本屏幕黑屏
  • ¥15 Python pandas
  • ¥15 蓝牙硬件,可以用哪几种方法控制手机点击和滑动
  • ¥15 生物医学数据分析。基础课程就v经常唱课程舅成牛逼
  • ¥15 云环境云开发云函数对接微信商户中的分账功能
  • ¥15 空间转录组CRAD遇到问题