Actually not so fun, but I did manage (I should say we because I wasn’t alone in this). Cryptography is not my thing, eh, not everything can be your thing so I accept it. There is just too much to learn: hash functions, public keys, symmetric ciphers, etc. Want we wanted to do was to encrypt data on the As3 side and decrypt it on the php side. I was aware that there was some cryptographic algorythms in the as3corelib, but none of them (MD5, SHA-1) fitted our needs. There is another great cryptography library out there and it is as3Crypto; the problem is that it is a bit hard to get around, there is a lot to choose from. We settled on AES (Advanced Encryption Standard). After 2 hours of trying to get it to work, we found this great post on Google groups(about middle of the page). I am copying the content here to make it easier for people to find. I have to give all the credit for this post to Jason Foglia who posted his code.
Here is the As3 Class:
package{ import flash.display.Sprite; import flash.utils.ByteArray; import com.hurlant.crypto.symmetric.ICipher; import com.hurlant.crypto.symmetric.IVMode; import com.hurlant.crypto.symmetric.IMode; import com.hurlant.crypto.symmetric.NullPad; import com.hurlant.crypto.symmetric.PKCS5; import com.hurlant.crypto.symmetric.IPad; import com.hurlant.util.Base64; import com.hurlant.util.Hex; import com.hurlant.crypto.Crypto; public class CryptoCode extends Sprite { private var type:String='simple-des-ecb'; private var key:ByteArray; public function CryptoCode() { init(); } private function init():void { key = Hex.toArray(Hex.fromString('TESTTEST'));// can only be 8 characters long trace(encrypt('TEST TEST')); trace(decrypt(encrypt('TEST TEST')); } private function encrypt(txt:String = ''):String { var data:ByteArray = Hex.toArray(Hex.fromString(txt)); var pad:IPad = new PKCS5; var mode:ICipher = Crypto.getCipher(type, key, pad); pad.setBlockSize(mode.getBlockSize()); mode.encrypt(data); return Base64.encodeByteArray(data); } private function decrypt(txt:String = ''):String { var data:ByteArray = Base64.decodeToByteArray(txt); var pad:IPad = new PKCS5; var mode:ICipher = Crypto.getCipher(type, key, pad); pad.setBlockSize(mode.getBlockSize()); mode.decrypt(data); return Hex.toString(Hex.fromArray(data)); } } } Here is the php class:
<?class Crypt{ var $key = NULL; var $iv = NULL; var $iv_size = NULL; function Crypt() { $this->init(); } function init($key = "") { $this->key = ($key != "") ? $key : ""; $this->algorithm = MCRYPT_DES; $this->mode = MCRYPT_MODE_ECB; $this->iv_size = mcrypt_get_iv_size($this->algorithm, $this->mode); $this->iv = mcrypt_create_iv($this->iv_size, MCRYPT_RAND); } function encrypt($data) { $size = mcrypt_get_block_size($this->algorithm, $this->mode); $data = $this->pkcs5_pad($data, $size); return base64_encode(mcrypt_encrypt($this->algorithm, $this->key, $data, $this->mode, $this->iv)); } function decrypt($data) { return $this->pkcs5_unpad(rtrim(mcrypt_decrypt($this->algorithm, $this->key, base64_decode($data), $this->mode, $this->iv))); } function pkcs5_pad($text, $blocksize) { $pad = $blocksize - (strlen($text) % $blocksize); return $text . str_repeat(chr($pad), $pad); } function pkcs5_unpad($text) { $pad = ord($text{strlen($text)-1}); if ($pad > strlen($text)) return false; if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false; return substr($text, 0, -1 * $pad); }} ?> Now if you use the encrypt method of one you can send the data to the other one and decrypt it in the other language if you use the same key. Works like a charm. There is a mention that the key can only be 8 characters long but I haven’t tested it out.
How does PHP identify a user's session?May 01, 2025 am 12:23 AMPHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.
What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AMThe security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.
Where are PHP session files stored by default?May 01, 2025 am 12:15 AMPHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita
How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AMToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si
How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AMThe steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.
How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PMThe article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.
What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PMThe article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.
How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PMArticle discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
SublimeText3 Chinese version
Chinese version, very easy to use
Notepad++7.3.1
Easy-to-use and free code editor
Dreamweaver Mac version
Visual web development tools
