网址中的加密数据 [英] Encrypted data in URLs
问题描述
我正在开发一个PHP应用程序来管理公司的订单。要查看订单,该网址目前为 / orders / view / 3502
。
I am developing a PHP application to manage orders for a company. To view an order the URL is currently /orders/view/3502
.
ID号出现在URL中,所以我使用CodeIgniter的加密库来加密URL中的ID。网址(加密后)看起来像 / orders / view / AaffGdQQ
。
I don't want the order ID number to appear in the URL, so I used CodeIgniter's encrypt library to encrypt the ID in the URL. The URL (after encryption) looks like /orders/view/AaffGdQQ
.
加密的ID包含正斜杠或加号,在网址中无法正常工作。 CodeIgniter基于斜杠读取URL,因此,如果加密的ID具有斜杠,则它将读取为2个变量,而不是一个变量。此外,加号在URL中被解释为空格。
The problem I am having is sometimes the encrypted ID contains a forward slash or a plus sign, which don't work correctly when in a URL. CodeIgniter reads the URL based on slashes, so, if the encrypted ID had a slash, it would read that as 2 variables, not one. Also, plus signs are interpreted as spaces in URLs.
因此,我的问题是,如何加密ID并确保字符串不包含加号或斜线?
So, my question is, how can I encrypt the ID and be sure that the string does not contain a plus sign or a slash?
编辑:我有一个想法,看看加密的ID是否包含斜杠或加号,如果是,请再次加密。
I had an idea to see if the encrypted ID contained a slash or plus sign, and if it did, encrypt it again. For some reason, every time the ID is encrypted, it's different, so this would work.
推荐答案
也可以使用base64_encode() 。这也将使它更长,并显示更安全。还添加了一层模糊处理。
You can also base64_encode(). That will also make it a lot longer and appear "more secure". Also adds a layer of obfuscation.
这篇关于网址中的加密数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!