Home  >  Article  >  Backend Development  >  PHP uses hexadecimal to encrypt and decrypt IDs

PHP uses hexadecimal to encrypt and decrypt IDs

藏色散人
藏色散人forward
2019-11-18 14:38:433644browse

Preface

I recently encountered a problem in the project. The current user shares an invitation code with a friend. After the friend registers as a new user based on the invitation code, he becomes a subordinate of the current user. , under certain conditions, a series of rebates can be obtained from lower-level users. What is implemented here is to generate an encrypted string based on the current user's id, which can be reversely decrypted. After constant testing and adjustments, the final result was finally obtained. For example:

id = 12 code = 85U43DM

First implementation

First enter the code, as follows:

/**
 * 加密解密用户邀请码,
 * @param unknown $string
 * @param string $action  encode|decode
 * @return string
 */
function endecodeUserId($string, $action = 'encode') {
    $startLen = 13;
    $endLen = 8;
    $coderes = '';
    #TOD 暂设定uid字符长度最大到9
    if ($action=='encode') {
        $uidlen = strlen($string);
        $salt = 'yourself_code';
        $codestr = $string.$salt;
        $encodestr = hash('md4', $codestr);
        $coderes = $uidlen.substr($encodestr, 5,$startLen-$uidlen).$string.substr($encodestr, -12,$endLen);
        $coderes = strtoupper($coderes);
    }elseif($action=='decode'){
        $strlen = strlen($string);
        $uidlen = $string[0];
        $coderes = substr($string, $startLen-$uidlen+1,$uidlen);
    }
    return  $coderes;
}

Introduction to the idea:

Set a salt value, $salt, and id to form a new string after concatenation. The salt value can be used for security verification of the invitation code later. Perform md4 encryption on the string (considering that md4 is faster and less secure than md5), get $encodestr, split the string into two parts, the first part $startLen , 13 strings; the second part $endLen, 8 strings. Mix $string, here the passed in id, and $uidlen into the previous part of the string. Therefore, it currently only supports a maximum length of id of 9, so the length of $uidlen is 1, so in the end we get a string of length 22.

During the encryption process, we actually mix the value of the id and the length of the id into the encrypted string. During encryption, we find the corresponding position based on the stored information to get the id.

Here, we do not have high requirements for security. In order to make the program run faster, there is no verification during decryption.

Test, encrypt the id:

echo endecodeUserId(12);

Output result:

23471DC2352712F34D6780

Test, decrypt the invitation code

echo endecodeUserId('23471DC2352712F34D6780','decode');

Output result:

12

The results obtained do not seem to have any problems, but in the actual test, a problem was found. This may happen to ordinary users. A friend sends an invitation code to his WeChat mobile phone, and then he wants to register using his computer. But he doesn’t know how to transfer the invitation code from his mobile phone to his computer or finds it troublesome. At this time, he has to manually enter the invitation code on the computer. Oh my god, it’s 22 digits, and it’s still a mixture of capital letters and numbers. I guess He is giving up registration.

Therefore, we have made adjustments and changed to a 7-digit invitation code.

Explore again

Is the method encapsulated before writing the article, or is it better to directly write the code first

<?php
class convert
{
    /**
     * 初始数字,自定义
     */
    const INIT_NUM = 123456789;
    /**
     * @var 进制的基本字符串
     */
    private $baseChar;
    /**
     * @var 进制类型
     */
    private $type;
    /**
     * @var array 各进制字符串列表
     */
    private static $convertList = array(
        &#39;32&#39; => &#39;0123456789ABCDEFGHJKMNPQRSTVWXYZ&#39;,//不含ILOU
    );
    public function __construct($type=&#39;32&#39;)
    {
        $this->type = $type;
        $this->baseChar = self::$convertList[$type];
    }
    /**
     * 公用方法,数字进行进制转换
     * @param $num
     * @return string
     */
    private function _idToString($num){
        $str = &#39;&#39;;
        while ($num!=0){
            $tmp = $num % $this->type;
            $str .= $this->baseChar[$tmp];
            $num = intval($num/$this->type);
        }
        return $str;
    }
    /**
     * @desc  im:十机制数转换成三十二进制数
     * @param (string)$char 三十二进制数
     * return 返回:十进制数
     */
    public function idToString($id){//10位内id 返回7位字母数字
        //数组 增加备用数值
        $id += self::INIT_NUM;
        //左补0 补齐10位
        $str = str_pad($id,10,&#39;0&#39;,STR_PAD_LEFT);
        //按位 拆分 4 6位(32进制 4 6位划分)
        $num1 = intval($str[0].$str[2].$str[6].$str[9]);
        $num2 = intval($str[1].$str[3].$str[4].$str[5].$str[7].$str[8]);
        $str1 = $str2 = &#39;&#39;;
        $str1 = $this->_idToString($num1);
        $str1 = strrev($str1);
        $str2 = $this->_idToString($num2);
        $str2 = strrev($str2);
        //4 补足 3 4位 U L
        return str_pad($str1,3,&#39;U&#39;,STR_PAD_RIGHT).str_pad($str2,4,&#39;L&#39;,STR_PAD_RIGHT);
    }
    /**
     * @desc  im:三十二进制数转换成十机制数
     * @param (string)$char 三十二进制数
     * return 返回:十进制数
     */
    public function stringToId($str){
        //1 清除 3 4 位补足位
        $str1 = trim(substr($str,0,3),&#39;U&#39;);
        $str2 = trim(substr($str,3,4),&#39;L&#39;);
        $num1 = $this->_stringToId($str1);
        $num2 = $this->_stringToId($str2);
        //补位拼接
        $str1 = str_pad($num1,4,&#39;0&#39;,STR_PAD_LEFT);
        $str2 = str_pad($num2,6,&#39;0&#39;,STR_PAD_LEFT);
        $id = ltrim($str1[0].$str2[0].$str1[1].$str2[1].$str2[2].$str2[3].$str1[2].$str2[4].$str2[5].$str1[3],&#39;0&#39;);
        //减去 备用数值
        $id -= self::INIT_NUM;
        return $id;
    }
    /**
     * 公用方法字符串转数字
     * @param $str
     * @return float|int|string
     */
    private function _stringToId($str){
        //转换为数组
        $charArr = array_flip(str_split($this->baseChar));
        $num = 0;
        for ($i=0;$i<=strlen($str)-1;$i++)
        {
            $linshi = substr($str,$i,1);
            if(!isset($charArr[$linshi])){
                return &#39;&#39;;
            }
            $num += $charArr[$linshi]*pow($this->type,strlen($str)-$i-1);
        }
        return $num;
    }
}

Introduction to ideas

This method was adopted under the guidance of a master who has worked for many years. Convert the id into a fixed-length 32-digit string and add your own algorithm. Why is base 32 used here instead of other bases? The 32-digit system can contain enough English characters, and the generated encrypted string will look more standardized. On the other hand, some English characters that are not easily recognized (ILOU is excluded here) are excluded, so the 32-digit system is used instead of 36 base.

Encryption process, method idToString(), considering that when the id is relatively small at the beginning, there will be more 0s when converting to 32 hexadecimal, which seems very irregular, so an initial value INIT_NUM is set. , this can be customized. According to the passed id, after adding the initial value, a value with a length of 10 digits is obtained. The interval bit of this value is split into $num1 with a length of 4 digits and $num2 with a length of 6 digits. The two values ​​are converted separately. It is hexadecimal. After conversion, $num1 will get a string with a length of 3. Use U to make up for the shortage. $num2 will get a string with a length of 4. Use L to make up for the shortage.

Decryption is a reverse operation, just reverse the operation.

Test: Generate

$obj = new convert(32);
$res1 = $obj->idToString(12);

Result:

85U43DM

Decrypt:

$obj = new convert(32);
$res1 = $obj->stringToId(&#39;85U43DM&#39;);

Result:

12

Summary

Of course, even this last method has shortcomings. For example, when splitting the encrypted value into two num values, the method used is very inflexible. Once the decryption is modified, the Follow the changes. I am just sharing an idea here, and everyone is welcome to criticize and correct me.

The above is the detailed content of PHP uses hexadecimal to encrypt and decrypt IDs. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:segmentfault.com. If there is any infringement, please contact admin@php.cn delete