All geek questions in one place

PHP encrypts and decrypts other than base64 encode

In one of our web applications (in PHP, MySQL) we save the mobile number as an encrypted value and decrypt it when we send them an SMS. The app works pretty well. But

Now GoDaddy removed the base64_encode option and decoded. So we can not send SMS to users. Thus, we return the mobile phone numbers to their normal state, starting them locally.

My question is the easiest and safest way to encrypt and decrypt a string using a key.

Sort of

Normal string : 9876543210 -> After encrypt with a key -> AASASOOPFPOEROP45664654456 Encrypted string : AASASOOPFPOEROP45664654456 -> on decrypt -> 9876543210

My current code

 function encodeString($str){ for($i=0; $i<5;$i++) { $str=strrev(base64_encode($str)); //apply base64 first and then reverse the string } return $str; } function decodeString($str){ for($i=0; $i<5;$i++) { $str=base64_decode(strrev($str)); //apply base64 first and then reverse the string} } return $str; }

Please help me. thanks in advance

+4
source share
2 answers

here I give you one simple example with our own private key, which you can use as below

// Secret key to encrypt / decrypt using

$key='mysecretkey'; // 8-32 characters without spaces

// String for encryption

 $string1='your sample key, that is the question';

// String EnCrypt

 $string2=convert($string1,$key);

// DeCrypt back

 $string3=convert($string2,$key);

// Test output

  echo '<span style="font-family:Courier">'; echo 'Key: '.$key.'<br>'."\n"; echo $string1.'<br>'."\n"; echo $string2.'<br>'."\n"; echo $string3.'<br>'."\n"; echo '</span>'."\n";

OUTPUT

 Key: mysecretkey your sample key, that is the question tvfw#ady{i|-rv|/2q|jq9dj3qkw%e~`jyp|k your sample key, that is the question

Let me know that I can help you.

+4
source

Well, if you used base64 encoding / decoding, you did not encrypt the data, just obfuscation.

I don't know which php extensions godaddy extensions are allowed, so I suggest going to something like phpSecLib

http://phpseclib.sourceforge.net/

This is a separate implementation that you can include in your scripts and will provide actual encryption of your data. AES or Rijndael should find a job for your application.

Basically, it will encrypt the string with the key, even if your database is compromised, the data cannot be decrypted without the key encrypted by it (which you would encode in your script). This is not like simple encoding, and in this case, if someone got the database, they could decode it by running the first line using various encoding methods until they find one that works. And then run the rest using the same decoding method

+4
source

Source: https://habr.com/ru/post/1486962/

More articles:


All Articles