URL 中的加密数据
我正在开发一个 PHP 应用程序来管理公司的订单。要查看订单,当前 URL 为 /orders/view/3502
。
我不希望订单 ID 号出现在 URL 中,因此我使用 CodeIgniter 的加密库对 URL 中的 ID 进行加密。 URL(加密后)类似于 /orders/view/AaffGdQQ
。
我遇到的问题是有时加密的 ID 包含正斜杠或加号,它们在 URL 中无法正常工作。 CodeIgniter 根据斜杠读取 URL,因此,如果加密的 ID 有斜杠,它会将其读取为 2 个变量,而不是一个。另外,加号在 URL 中被解释为空格。
所以,我的问题是,如何加密 ID 并确保字符串不包含加号或斜杠?
编辑:我有一个想法,看看加密的 ID 是否包含斜杠或加号,如果包含,请再次加密。由于某种原因,每次加密 ID 时它都是不同的,所以这是可行的。
I am developing a PHP application to manage orders for a company. To view an order the URL is currently /orders/view/3502
.
I don't want the order ID number to appear in the URL, so I used CodeIgniter's encrypt library to encrypt the ID in the URL. The URL (after encryption) looks like /orders/view/AaffGdQQ
.
The problem I am having is sometimes the encrypted ID contains a forward slash or a plus sign, which don't work correctly when in a URL. CodeIgniter reads the URL based on slashes, so, if the encrypted ID had a slash, it would read that as 2 variables, not one. Also, plus signs are interpreted as spaces in URLs.
So, my question is, how can I encrypt the ID and be sure that the string does not contain a plus sign or a slash?
EDIT: I had an idea to see if the encrypted ID contained a slash or plus sign, and if it did, encrypt it again. For some reason, every time the ID is encrypted, it's different, so this would work.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您还可以使用base64_encode()。这也会使它更长并且显得“更安全”。还添加了一层混淆。
You can also base64_encode(). That will also make it a lot longer and appear "more secure". Also adds a layer of obfuscation.
也许通过 urlencode() 传递加密数据可以解决这个问题?完成此操作后,您必须在 CodeIgniter 之前拦截数据,并对其运行 urldecode() 。
只是一个快速的想法,祝你好运!
Maybe passing the cryped data through
urlencode()
would fix this? After you do that, you would have to intercept the data before CodeIgniter does, and runurldecode()
on it.Just a quick idea, so good luck!
查找加密不使用的一些字符并根据需要替换它们。使用 url 时,将其撤消。
Look for some characters that the encryption doesn't use and replace them as it fits. When using urls, undo it.