PHP:类似 Youtube 的短 ID,带有盐
我需要对数据库 ID 进行编码/加密并将其附加到我的 URL 中。安全性不是我想要解决的问题,但我正在寻找具有中等安全性的东西。主要目标是拥有唯一且 URL 安全的短 ID。
下面的代码片段似乎可以满足我的需要(来自 http://programanddesign.com/php/base62 -encode/)
function encode($val, $base=62, $chars='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
// can't handle numbers larger than 2^31-1 = 2147483647
$str = '';
do {
$i = $val % $base;
$str = $chars[$i] . $str;
$val = ($val - $i) / $base;
} while($val > 0);
return $str;
}
function decode($str, $base=62, $chars='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
$len = strlen($str);
$val = 0;
$arr = array_flip(str_split($chars));
for($i = 0; $i < $len; ++$i) {
$val += $arr[$str[$i]] * pow($base, $len-$i-1);
}
return $val;
}
echo encode(2147483647); // outputs 2lkCB1
我可能会稍微修改一下函数:
- 删除 $base 参数;可以通过 strlen ($chars) 计算出来
- 从字符集中消除可能相互混淆的字母/数字(例如 0、O、o)
我将如何更改脚本,以便我也可以使用盐?这是一个明智的想法吗?我会无意中增加碰撞的机会等吗?
I need to encode/encrypt database ids and append them to my URLs. Security is not an issue I am trying to deal with, but I am looking for something with moderate security. The main goal is to have short ids that are unique and URL-safe.
The following snippet seems like it will do what I need (from http://programanddesign.com/php/base62-encode/)
function encode($val, $base=62, $chars='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
// can't handle numbers larger than 2^31-1 = 2147483647
$str = '';
do {
$i = $val % $base;
$str = $chars[$i] . $str;
$val = ($val - $i) / $base;
} while($val > 0);
return $str;
}
function decode($str, $base=62, $chars='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
$len = strlen($str);
$val = 0;
$arr = array_flip(str_split($chars));
for($i = 0; $i < $len; ++$i) {
$val += $arr[$str[$i]] * pow($base, $len-$i-1);
}
return $val;
}
echo encode(2147483647); // outputs 2lkCB1
I'll probably modify the functions a bit:
- Remove the $base parameter; that can be figured out by strlen ($chars)
- Eliminate from the character set letter/numbers that can be confused for each other (e.g. 0, O, o)
How would I change the script such I can also use a salt with it? And would that be a wise idea? Would I inadvertently increase chance of collision, etc.?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果你想让数字 id 无法从字符串中猜测出来,你可以使用盐。您应该能够在不发生冲突的情况下取回 id。 Kevin van Zonneveld 的文章 使用 PHP 创建短 ID - 就像 Youtube 或 TinyURL 是一个很好的开始。无论如何,检查唯一性。
If you want to make the numerical id unguessable from the string, you can use a salt. You should be able to get the id back without collisions. The post Create short IDs with PHP - Like Youtube or TinyURL by Kevin van Zonneveld is a good start. At any rate, check for uniqueness.
您不能只使用 PHP 的
uniqid
函数从当前时间戳生成一个人造随机字符串吗?然后在上传时将此字母数字字符串保存在视频记录中。Could you not just use PHP's
uniqid
function to generate a faux-random string from the current timestamp? Then save this alpha-numeric string in the video record at upload time.