doudun1029 2016-08-05 02:05
浏览 28

php中的低级加密,用于基本的非个人数据

I have a php page which print different options to the client:

foreach($strings as $i => $string){
echo '<a href="decrypt.php?string='.$string.'">Go with option '.$i.'</a>';
}

I want that the user can retrive the content of $string only on my webpage and cannot by sniffing html code or something like that. The string length is not long, less than 100 chars, and it's dynamic. I would like the url to be "elegant". I tried using 

$string = gzencode($string);
$string = urlencode($string);

But it becomes a monster of string. Is there any basic function to encrypt the string? The other idea would be setting an array in $_SESSION, but that would make my urls not shareable. Creating a database is a mess. I need something very easy, just like old roman encryption method. Just not that because is a little bit too easy.

  • 写回答

1条回答 默认 最新

  • dongyao2022 2016-08-05 06:25
    关注

    It is not possible to give a good advise without knowing your use-case and how much you know. But I like thought experiments like this, so here are some ideas for you to think about.

    Encryption and encoding is not the same, so you first need to decide if you want to obfuscate or secure the data. Encoding obfuscate the data making it harder for non-tech people to read it, encryption make it really hard to read it.

    If you want to obfuscate php have the function http://php.net/manual/en/function.str-rot13.php, but since this is like old roman "encryption" you could base64 encode it after. This will give you a string that is obfuscated and not readable by most users, but most here on SO will recognize what it is and be able to read it.

    Another way to obfuscate the data could be to xor the string with another string.

    You did include that you are not ready to include a database, but maybe you could implement a simple replacement with storing a lookup-table in a file. Using the key in the link and then looking up the value in the file.

    If you want to actually encrypt the data you should look into openssl_encrypt and openssl_decrypt and encrypt it with a key using cbc mode, this is the way to go if you want security.

    评论

报告相同问题?

悬赏问题

  • ¥50 切换TabTip键盘的输入法
  • ¥15 关于#网络安全#的问题:求ensp的网络安全,不要步骤要完成版文件
  • ¥15 可否在不同线程中调用封装数据库操作的类
  • ¥20 使用Photon PUN2解决游戏得分同步的问题
  • ¥15 微带串馈天线阵列每个阵元宽度计算
  • ¥15 keil的map文件中Image component sizes各项意思
  • ¥20 求个正点原子stm32f407开发版的贪吃蛇游戏
  • ¥15 划分vlan后,链路不通了?
  • ¥20 求各位懂行的人,注册表能不能看到usb使用得具体信息,干了什么,传输了什么数据
  • ¥15 Vue3 大型图片数据拖动排序