如何保存加密的数据在cookie（使用PHP）？ [英] How to save encrypted data in cookie (using php)?

问题描述

我想将资料储存在Cookie（使用者名称，电子邮件地址等等）中，但我不会让使用者轻​​易读取或修改资料。我需要能够读回数据。我如何使用php 5.2 +？

I would like to save data in cookies (user name, email address, etc...) but I don't the user to easily read it or modify it. I need to be able able to read the data back. How can I do that with php 5.2+?

这将用于welcome back bob类型的功能。

It would be used for "welcome back bob" kind of feature. It is not a replacement for persistence or session storage.

推荐答案

我们在我们的项目中使用mcrypt来实现加密。下面是基于互联网上的内容的代码示例：

We use mcrypt in our projects to achieve encryption. Below is a code sample based on content found on the internet:

<?php
class MyProjCrypt {

    private $td;
    private $iv;
    private $ks;
    private $salt;
    private $encStr;
    private $decStr;


    /**
     *  The constructor initializes the cryptography library
     * @param $salt string The encryption key
     * @return void
     */
    function __construct($salt) {
        $this->td = mcrypt_module_open('rijndael-256', '', 'ofb', ''); // algorithm
        $this->ks = mcrypt_enc_get_key_size($this->td); // key size needed for the algorithm
        $this->salt = substr(md5($salt), 0, $this->ks);
    }

    /**
     * Generates a hex string of $src
     * @param $src string String to be encrypted
     * @return void
     */
    function encrypt($src) {
        srand(( double) microtime() * 1000000); //for sake of MCRYPT_RAND
        $this->iv = mcrypt_create_iv($this->ks, MCRYPT_RAND); 
        mcrypt_generic_init($this->td, $this->salt, $this->iv);
        $tmpStr = mcrypt_generic($this->td, $src);
        mcrypt_generic_deinit($this->td);
        mcrypt_module_close($this->td);

        //convert the encrypted binary string to hex
        //$this->iv is needed to decrypt the string later. It has a fixed length and can easily 
        //be seperated out from the encrypted String
        $this->encStr = bin2hex($this->iv.$tmpStr);

    }

    /**
     * Decrypts a hex string    
     * @param $src string String to be decrypted
     * @return void
     */
    function decrypt($src) {
        //convert the hex string to binary
        $corrected = preg_replace("[^0-9a-fA-F]", "", $src);
        $binenc = pack("H".strlen($corrected), $corrected);

        //retrieve the iv from the encrypted string
        $this->iv = substr($binenc, 0, $this->ks);

        //retrieve the encrypted string alone(minus iv)
        $binstr = substr($binenc, $this->ks);

        /* Initialize encryption module for decryption */
        mcrypt_generic_init($this->td, $this->salt, $this->iv);
        /* Decrypt encrypted string */
        $decrypted = mdecrypt_generic($this->td, $binstr);

        /* Terminate decryption handle and close module */
        mcrypt_generic_deinit($this->td);
        mcrypt_module_close($this->td);
        $this->decStr = trim($decrypted);

    }
}

这篇关于如何保存加密的数据在cookie（使用PHP）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！