Encode Decode Data In Php

<?php
class Encryption
{
var $skey     = “SuPerEncKey2010″; // you can change it
public  function safe_b64encode( $string )
{
$data = base64_encode( $string );
$data = str_replace( array( ‘+’, ‘/’, ‘=’ ), array( ‘-‘, ‘_’, ” ), $data );
return $data;
}
public function safe_b64decode( $string )
{
$data = str_replace( array( ‘-‘, ‘_’ ),array( ‘+’, ‘/’ ), $string );
$mod4 = strlen( $data ) % 4;
if( $mod4 )
{
$data .= substr( ‘====’, $mod4 );
}
return base64_decode( $data );
}
public  function encode($value)
{
if( !$value )
{
return false;
}
$text = $value;
$iv_size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB );
$iv = mcrypt_create_iv( $iv_size, MCRYPT_RAND );
$crypttext = mcrypt_encrypt( MCRYPT_RIJNDAEL_256, $this->skey, $text, MCRYPT_MODE_ECB, $iv );
return trim( $this->safe_b64encode( $crypttext ) );
}
public function decode( $value )
{
if( !$value )
{
return false;
}
$crypttext = $this->safe_b64decode( $value );
$iv_size = mcrypt_get_iv_size( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB );
$iv = mcrypt_create_iv( $iv_size, MCRYPT_RAND );
$decrypttext = mcrypt_decrypt( MCRYPT_RIJNDAEL_256, $this->skey, $crypttext, MCRYPT_MODE_ECB, $iv );
return trim( $decrypttext );
}
}
?>
<?php
$aRzObj = new Encryption();
//echo $aRzObj->encode( ‘Your data’ );
//$this->encrypt->decode(‘Your encrypted data’);
//http://www.99points.info/2010/06/php-encrypt-decrypt-functions-to-encrypt-url-data/
?>
<?php
function keymaker( $id )
{
//generate the secret key anyway you like. It could be a simple string like in this example or a database
//look up of info unique to the user or id. It could include date/time to timeout keys.
$secretkey = ‘1HutysK98UuuhDasdfafdCrackThisBeeeeaaaatchkHgjsheIHFH44fheo1FhHEfo2oe6fifhkhs’;
$key = md5( $id . $secretkey );
return $key;
}
?>
<?php
$contentid=’123′;
$url=’http://site.com/view.php?id=123&urlkey=&#8217;.keymaker($contentid);
echo $url;
?>
<?
$testurlkey=keymaker($_GET[‘id’]);
if($testurlkey==$_GET[‘urlkey’]){
echo ‘ID is OK’;//id has not been tampered with
}else{
echo ‘Nice try’;
}
?>

<html>
<head>
<title>SQL Injection Example</title>
</head>
<body>
<form id=”myFrom” action=”<?php echo $_SERVER[‘PHP_SELF’]; ?>”
method=”post”>
<div><input type=”text” name=”account_number”
value=”<?php echo(isset($_POST[‘account_number’]) ?
$_POST[‘account_number’] : ”); ?>” /> <input type=”submit”
value=”Save” name=”submit” /></div>
</form>
<?php
function isValidAccountNumber($number)
{
return is_numeric($number);
}

if ($_POST[‘submit’] == ‘Save’) {

/* Remember habit #1–validate your data! */
if (isset($_POST[‘account_number’]) &&
isValidAccountNumber($_POST[‘account_number’])) {

/* do the form processing */
$link = mysql_connect(‘hostname’, ‘user’, ‘password’) or
die (‘Could not connect’ . mysql_error());
mysql_select_db(‘test’, $link);

$select = sprintf(“SELECT account_number, name, address ” .
” FROM account_data WHERE account_number = %s;”,
mysql_real_escape_string($_POST[‘account_number’]));
echo ‘<p>’ . $select . ‘</p>’;

$result = mysql_query($select) or die(‘<p>’ . mysql_error() . ‘</p>’);

echo ‘<table>’;
while ($row = mysql_fetch_assoc($result)) {
echo ‘<tr>’;
echo ‘<td>’ . $row[‘account_number’] . ‘</td>’;
echo ‘<td>’ . $row[‘name’] . ‘</td>’;
echo ‘<td>’ . $row[‘address’] . ‘</td>’;
echo ‘</tr>’;
}
echo ‘</table>’;

mysql_close($link);
} else {
echo “<span style=\”font-color:red\”>” .
“Please supply a valid account number!</span>”;

}
}
?>
</body>
</html>

Advertisements
By Rz Rasel Posted in Php

6 comments on “Encode Decode Data In Php

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s