I try to send variable through URL. So I use this CI method
$this->encrypt->encode($variable)
And i decode it in the destination. but it doesn't return a correct value. encoded value example :
pWI+q72keVNJtpaZgJdxfwuKtqM2VrNMGhpnknsrf/3dadh0x+lU70h9hgSwFzTWQAEclSfoSZ2J3/UOuLVwgA==
I realize there are too much special characters here such as +/= . And to allow these characters in URI will be unwise.
If that so, is this function can't be implemented to secure data sent through URL?
分享 The output of encode is Base64 encoded encrypted data. To transmit this you have to encode it in a URI-safe format.
On the PHP base64 page those functions are proposed to
$base64 = $this->encrypt->encode($variable);
$urisafe = strtr($base64, '+/', '-_');
// or
$urisafe = strtr($base64, '+/=', '-_,');
Before decodeing you would have to reverse this:
$base64 = strtr($urisafe, '-_', '+/');
// or
$base64 = strtr($urisafe, '-_,', '+/=');
The first suggestion makes it compliant with the RFC 4648 Table 2 for URL safe encodings.
strtr replaces the offending characters with safe characters. In the above example during the encoding process + is replaced by - and / by _.
分享
