Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I encrypt/decrypt PHP GET parameters?

Tags:

php

encode

encryption

get

I have a regular request, for example:

http://myserver.com/index.php?var1=85842.23&var2=212.235&name=Teddie&valid=1

I would like those $_GET parameters be encrypted to something like (not real, just an example:)):

http://myserver.com/index.php?eParam=ks883d48223v2czozoz227272j2nn2dn2d2du3dh4hn4f4f4f4h3383xh8383s38s3j83sj8s3j92h2s89hs387h2s87hs287h2s87h2ui2c3iuhc287z9m2389f

Of course, I need a built in key on each side, that will be able to decrypt that info. Is there any function that may render that possible ? I am not concerned about the client side, as it will be a running application, not a webpage or anything that would be easily reverse-engineered.

Thanks !

like image 332
Ted Avatar asked Aug 03 '11 22:08

Ted

People also ask

How do you use encrypt and decrypt in PHP?

In PHP, Encryption and Decryption of a string is possible using one of the Cryptography Extensions called OpenSSL function for encrypt and decrypt. openssl_encrypt() Function: The openssl_encrypt() function is used to encrypt the data. Parameters: $data: It holds the string or data which need to be encrypted.

How do you encrypt decrypt data?

A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the data must be used. The goal of every encryption algorithm is to make it as difficult as possible to decrypt the generated ciphertext without using the key.

Is GET method encrypted?

The GET request is encrypted when using HTTPS - in fact this is why secured websites need to have a unique IP address - there's no way to get the intended hostname (or virtual directory) from the request until after it's been decrypted.

2 Answers

Just use SSL (i.e. HTTPS instead of plain HTTP). Then everything except the DNS look up for the domain and that a connection is made to the ip address that domain resolves to will be encrypted.

like image 163
Quentin Avatar answered Sep 23 '22 20:09

Quentin

Actually you can do that... You can have an encrypt/decrypt function including a time expiry for the given parameter. I have a script that does that for my network systems. And you have to build that on your own, I can't go public with my security scripts... But here's the idea:

  1. Find or build an encryption/decryption function
  2. Add date & time checks for the function so that the encrypted string will expire
  3. Use that function to encrypt the outgoing string
  4. After encryption, if you're using PHP, urlencode() the encrypted string to make sure that all the special characters survives after the other end receives it.
  5. At the other end, perform a urldecode(), then decrypt it, then pass the value.
like image 39
Ryan Jay Tamoria Avatar answered Sep 23 '22 20:09

Ryan Jay Tamoria
Sign in to Comment

Related questions

CakePHP - Setting up the default value for a Form->input : I want to have a line break, but how?
php communication with dll?
Limiting the number of failed login attemps
Create product from a module in prestashop
Problem with auto-incremented "id" column
php mail() from godaddy server
PHP Header not redirecting
PHP SoapClient type mapping behaves differently
Converting array to string and then back in PHP
Removing elements from an array whose value matches a specified string
Compress data in php and uncompress in javascript [closed]
Can a switch statement take two arguments?
sending cache-control / expires / pragma with 404 response - valid / understood by modern browsers?
PHP - Making Class Object Global Throughout Entire Application?
How can I get a value from a HTTP Request from a windows forms client
SQL and Case Insensitive Conditions
Convert PHP date to Excel?
twilio say verb nested into a dial verb
Requesting multiple Facebook fanpage data in a single call
Pagination with Twig

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!