Hi there. My website passes information from one page to another via
the URL. it DOESN'T use forms or post/get but rather I build up the url
in page A as a string and use it to link to page B.
My url looks (something)like this
http://www.mysite.com/pageb.php?PassedUserName='Hester'&PassedUserOccupa tion='Tester'
I don't want users to be able to type in what ever entries they like,
but also I would like to hide the entire list of variables so that it
appears something like
http://www.mysite.com/pageb.php?PassedData=<random looking data here>
Now, I found these functions
function encrypt($string, $key) {
$result = '';
for($i=0; $i<strlen($string); $i++) {
$char = substr($string, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
return base64_encode($result);
}
function decrypt($string, $key) {
$result = '';
$string = base64_decode($string);
for($i=0; $i<strlen($string); $i++) {
$char = substr($string, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)-ord($keychar));
$result.=$char;
}
return $result;
}
which work nicely on parts of the url giving me
PassedUserName='Hester'
xLTf1NfYvtXG5MLHztixerTG5ejO1Ig=
PassedUserOccupation='Tester'
xLTf1NfYvtXG5MPJxOjktODK4eKmibXX59rG5Zs=
but I cannot encrypt the whole string
PassedUserName='Hester'&PassedUserOccupation='Test er' unless i replaced
the & with another character for example but then I would have to
somehow split the string into the two variables, and be able to use
these values in my code.
I guess appending a $ to the start of the decoded string isn't going to
work? (I doubt my problem would be that easily solved!)
Sorry, I'm a bit green when it comes to Php programming and I've looked
through the PHP manual and tried many different ways of doing this
before I had to ask.
Thanks in advance for any/all assistance 3 1839
On 2005-06-06, pl*********@hotmail.com <pl*********@hotmail.com> wrote: Hi there. My website passes information from one page to another via the URL. it DOESN'T use forms or post/get but rather I build up the url in page A as a string and use it to link to page B.
[...]
I believe you would be better off using sessions. http://www.php.net/session
--
Cheers,
- Jacob Atzen
On Mon, 06 Jun 2005 03:15:49 -0700, plittle1970 wrote: Hi there. My website passes information from one page to another via the URL. it DOESN'T use forms or post/get but rather I build up the url in page A as a string and use it to link to page B.
My url looks (something)like this http://www.mysite.com/pageb.php?PassedUserName='Hester'&PassedUserOccupa tion='Tester'
I don't want users to be able to type in what ever entries they like, but also I would like to hide the entire list of variables so that it appears something like
http://www.mysite.com/pageb.php?PassedData=<random looking data here>
Now, I found these functions
function encrypt($string, $key) { $result = ''; for($i=0; $i<strlen($string); $i++) { $char = substr($string, $i, 1); $keychar = substr($key, ($i % strlen($key))-1, 1); $char = chr(ord($char)+ord($keychar)); $result.=$char; } return base64_encode($result); } } function decrypt($string, $key) { $result = ''; $string = base64_decode($string);
for($i=0; $i<strlen($string); $i++) { $char = substr($string, $i, 1); $keychar = substr($key, ($i % strlen($key))-1, 1); $char = chr(ord($char)-ord($keychar)); $result.=$char; } return $result; } } which work nicely on parts of the url giving me PassedUserName='Hester' xLTf1NfYvtXG5MLHztixerTG5ejO1Ig=
PassedUserOccupation='Tester' xLTf1NfYvtXG5MPJxOjktODK4eKmibXX59rG5Zs=
but I cannot encrypt the whole string PassedUserName='Hester'&PassedUserOccupation='Test er' unless i replaced the & with another character for example but then I would have to somehow split the string into the two variables, and be able to use these values in my code.
I guess appending a $ to the start of the decoded string isn't going to work? (I doubt my problem would be that easily solved!)
Sorry, I'm a bit green when it comes to Php programming and I've looked through the PHP manual and tried many different ways of doing this before I had to ask.
Thanks in advance for any/all assistance
Would it be enough to just use variables that are none descriptive at
that point and the variable values as keys to a data location that your
own software understands.
For example, I keep a MySQL table just for my own software's use, mainly
as a debug aid, but also as a way to pass data/control info. In fact I use
it it pretty much the way you would make use of services in UNIX/Linux
programming to talk across threads (not quite a useable as the services
system, but can get round some thread comms problems of php). Then a
variable reference as in your line is simply a reference to which table
item it is. http://www.mysite.com/pageb.php?val1=0001
With your tables/connection settings outside of your browsable area then
you have already taken your security up a few levels from this one small
method.
I don't see what you mean by " but I cannot encrypt the whole
string...unless i replaced the & with another character" ? I tested your
code by calling this:
$enc =
encrypt("PassedUserName='Hester'&PassedUserOccupat ion='Tester'","volatile");
$dec = decrypt($enc,"volatile");
echo "$enc<br>$dec";
Here is the output:
icbQ39TZzcHY2+G6wuHOqYy+1N/V2duTi5q/zdTnztC66dTesNfM4dXX49XQ4qaTudvi4MbmkA==PassedUser Name='Hester'&PassedUserOccupation='Tester'On some other page I would then get the result (after decrypting$_GET['PassedData']) with a simple $result = split('&', $dec)... urlencodeand urldecode may also be useful if you want to include & into someparameter.Dae<pl*********@hotmail.com> wrote in messagenews:11**********************@g47g2000cwa.g ooglegroups.com...> Hi there. My website passes information from one page to another via> the URL. it DOESN'T use forms or post/get but rather I build up the url> in page A as a string and use it to link to page B.>> My url looks (something)like this>http://www.mysite.com/pageb.php?PassedUserName='Hester'&PassedUserOccupa tion='Tester'>> I don't want users to be able to type in what ever entries they like,> but also I would like to hide the entire list of variables so that it> appears something like>> http://www.mysite.com/pageb.php?PassedData=<random looking data here>>> Now, I found these functions>> function encrypt($string, $key) {> $result = '';> for($i=0; $i<strlen($string); $i++) {> $char = substr($string, $i, 1);> $keychar = substr($key, ($i % strlen($key))-1, 1);> $char = chr(ord($char)+ord($keychar));> $result.=$char;> }> return base64_encode($result);> }>> function decrypt($string, $key) {> $result = '';> $string = base64_decode($string);>> for($i=0; $i<strlen($string); $i++) {> $char = substr($string, $i, 1);> $keychar = substr($key, ($i % strlen($key))-1, 1);> $char = chr(ord($char)-ord($keychar));> $result.=$char;> }> return $result;> }>> which work nicely on parts of the url giving me> PassedUserName='Hester'> xLTf1NfYvtXG5MLHztixerTG5ejO1Ig=>> PassedUserOccupation='Tester'> xLTf1NfYvtXG5MPJxOjktODK4eKmibXX59rG5Zs=>> but I cannot encrypt the whole string> PassedUserName='Hester'&PassedUserOccupation='Test er' unless i replaced> the & with another character for example but then I would have to> somehow split the string into the two variables, and be able to use> these values in my code.>> I guess appending a $ to the start of the decoded string isn't going to> work? (I doubt my problem would be that easily solved!)>> Sorry, I'm a bit green when it comes to Php programming and I've looked> through the PHP manual and tried many different ways of doing this> before I had to ask.>> Thanks in advance for any/all assistance> This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Scott Brady Drummonds |
last post by:
Hi, everyone,
I'm still learning Python as I develop a medium-sized project. From my
previous experience with C++, I've burnt into my mind the notion of
information hiding. I'm having trouble...
|
by: Laurent Bertin |
last post by:
Hi i got a strange problem but it's true i don't make thing like anyone...
First Config:
+ IIS5.0 SP2 (yes i know...)
WebSite Security
Root : Digest Authentication, NT Authenticated
SubFolders...
|
by: coolwarrior |
last post by:
Hi,
1_I want to know the difference between "data hiding" , "steganography"
,"watermarking" ,"capsulation" related to DSP.
2_There r plenty of informaion about data hiding for images on the web...
|
by: Ross A. Finlayson |
last post by:
Hi,
I'm scratching together an Access database. The development box is
Office 95, the deployment box Office 2003.
So anyways I am griping about forms and global variables. Say for
example...
|
by: Stefan Turalski \(stic\) |
last post by:
Hi,
I done sth like this:
for(int i=0; i<10; i++) {...}
and after this local declaration of i variable I try to inicialize
int i=0;
|
by: Mark Sisson |
last post by:
Hi all.
SITUATION
================
1. I have a base class with a member variable that's an object
2. I have several classes that inherit from the base class.
3. There are several methods in...
|
by: Ark |
last post by:
Recently there was a thread (and I believe more than one) on a theme
that a variable, say,
T foo;
is computed once and then is not modified (in the first place,
inadvertently) ever again.
The...
|
by: Mark Rae |
last post by:
Hi,
See the previous thread Request.Form abuse in this newsgroup...
I'm looking for a simple and efficient way to prevent people hijacking the
<formtags on my websites and using them to send...
|
by: Sh4wn |
last post by:
Hi,
first, python is one of my fav languages, and i'll definitely keep
developing with it. But, there's 1 one thing what I -really- miss:
data hiding. I know member vars are private when you...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |