还是解码问题,,依旧有点问题
- PHP code
<!--Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/--><?phpfunction encryptCookie($value){ if(!$value){return false;} $key = 'paxospass1234!'; $text = $value; $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv); return array(trim(base64_encode($crypttext)),$iv); //encode for cookie}function decryptCookie($value,$iv){ if(!$value){return false;} $value = base64_decode($value); $key = 'paxospass1234!'; $text = $value; // $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); // $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv); return $decrypttext;}$str="this is for encry";$s=encryptCookie($str);echo decryptCookie($s[0],$s[1]);?>
没错。这函数正确,但是问题是,我要发到邮件里的是加密的代码,但是解码要到另一个网页,
问题是这个iv 打印出来时很多的方框框乱码,,怎么处理,,或者怎么让iv固定,我直接写$iv='123' 还报警告
------解决方案--------------------
呵呵,你咋直接用了那个函数了,我只是提供下简单示例。
实际生产环境肯定是加密是一端,解密是另一端的。
所以你是问另一端怎么得到那个随机不定iv吧?
因为CBC的iv固定是32字节的,所以直接把它拼进加密串就行了
- PHP code
<?phpfunction encryptCookie($value){ if(!$value){return false;} $key = 'paxospass1234!'; $text = $value; $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$key,$text, MCRYPT_MODE_CBC, $iv); $ivencode = mcrypt_encrypt(MCRYPT_RIJNDAEL_256,$crypttext,$iv,MCRYPT_MODE_ECB);//其实直接拼接就可以,这里再做一次加密 return base64_encode($crypttext.$ivencode); //encode for cookie,iv拼接到串尾}function decryptCookie($value){ if(!$value){return false;} $value = base64_decode($value); $rvalue = substr($value,0,-32);//原加密串 $iv = substr($value,-32);//iv $iv = mcrypt_decrypt(MCRYPT_RIJNDAEL_256,$rvalue,$iv,MCRYPT_MODE_ECB);//解密iv $key = 'paxospass1234!'; $text = $rvalue; // $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); // $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv); return $decrypttext;}$str="this is for encry";$s=encryptCookie($str);echo "encrypt:".$s."<br/>";echo "decrypt:".decryptCookie($s);?><div class="clear">
</div>
What is the difference between unset() and session_destroy()?May 04, 2025 am 12:19 AMThedifferencebetweenunset()andsession_destroy()isthatunset()clearsspecificsessionvariableswhilekeepingthesessionactive,whereassession_destroy()terminatestheentiresession.1)Useunset()toremovespecificsessionvariableswithoutaffectingthesession'soveralls
What is sticky sessions (session affinity) in the context of load balancing?May 04, 2025 am 12:16 AMStickysessionsensureuserrequestsareroutedtothesameserverforsessiondataconsistency.1)SessionIdentificationassignsuserstoserversusingcookiesorURLmodifications.2)ConsistentRoutingdirectssubsequentrequeststothesameserver.3)LoadBalancingdistributesnewuser
What are the different session save handlers available in PHP?May 04, 2025 am 12:14 AMPHPoffersvarioussessionsavehandlers:1)Files:Default,simplebutmaybottleneckonhigh-trafficsites.2)Memcached:High-performance,idealforspeed-criticalapplications.3)Redis:SimilartoMemcached,withaddedpersistence.4)Databases:Offerscontrol,usefulforintegrati
What is a session in PHP, and why are they used?May 04, 2025 am 12:12 AMSession in PHP is a mechanism for saving user data on the server side to maintain state between multiple requests. Specifically, 1) the session is started by the session_start() function, and data is stored and read through the $_SESSION super global array; 2) the session data is stored in the server's temporary files by default, but can be optimized through database or memory storage; 3) the session can be used to realize user login status tracking and shopping cart management functions; 4) Pay attention to the secure transmission and performance optimization of the session to ensure the security and efficiency of the application.
Explain the lifecycle of a PHP session.May 04, 2025 am 12:04 AMPHPsessionsstartwithsession_start(),whichgeneratesauniqueIDandcreatesaserverfile;theypersistacrossrequestsandcanbemanuallyendedwithsession_destroy().1)Sessionsbeginwhensession_start()iscalled,creatingauniqueIDandserverfile.2)Theycontinueasdataisloade
What is the difference between absolute and idle session timeouts?May 03, 2025 am 12:21 AMAbsolute session timeout starts at the time of session creation, while an idle session timeout starts at the time of user's no operation. Absolute session timeout is suitable for scenarios where strict control of the session life cycle is required, such as financial applications; idle session timeout is suitable for applications that want users to keep their session active for a long time, such as social media.
What steps would you take if sessions aren't working on your server?May 03, 2025 am 12:19 AMThe server session failure can be solved through the following steps: 1. Check the server configuration to ensure that the session is set correctly. 2. Verify client cookies, confirm that the browser supports it and send it correctly. 3. Check session storage services, such as Redis, to ensure that they are running normally. 4. Review the application code to ensure the correct session logic. Through these steps, conversation problems can be effectively diagnosed and repaired and user experience can be improved.
What is the significance of the session_start() function?May 03, 2025 am 12:18 AMsession_start()iscrucialinPHPformanagingusersessions.1)Itinitiatesanewsessionifnoneexists,2)resumesanexistingsession,and3)setsasessioncookieforcontinuityacrossrequests,enablingapplicationslikeuserauthenticationandpersonalizedcontent.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Dreamweaver Mac version
Visual web development tools
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
SublimeText3 Chinese version
Chinese version, very easy to use
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
