Simple PHP encrypt/decrypt

Coastal Web

01-28-2010, 06:28 PM

Hi guys,

I frequently use these little encrypt/decrypt functions for various reason, alot of times the info is passed through URLS.

function encrypt($sData, $sKey='mysecretkey'){
$sResult = '';
for($i=0;$i<strlen($sData);$i++){
$sChar = substr($sData, $i, 1);
$sKeyChar = substr($sKey, ($i % strlen($sKey)) - 1, 1);
$sChar = chr(ord($sChar) + ord($sKeyChar));
$sResult .= $sChar;
}
return encode_base64($sResult);
}

function decrypt($sData, $sKey='mysecretkey'){
$sResult = '';
$sData = decode_base64($sData);
for($i=0;$i<strlen($sData);$i++){
$sChar = substr($sData, $i, 1);
$sKeyChar = substr($sKey, ($i % strlen($sKey)) - 1, 1);
$sChar = chr(ord($sChar) - ord($sKeyChar));
$sResult .= $sChar;
}
return $sResult;
}

function encode_base64($sData){
$sBase64 = base64_encode($sData);
return strtr($sBase64, '+/', '-_');
}

function decode_base64($sData){
$sBase64 = strtr($sData, '-_', '+/');
return base64_decode($sBase64);
}

Which will result in something like this:
01-28-2010 gets encrypted into: YJOSpaycmGJhYQ==

I was wondering if there would be an easy way to make it so that this function would only use alpha numeric characters (to make it more url safe).
...A-Z, a-z, 0-9...

I didn't write this code and can't remember where l found it but if l was able to tweak it so that it only used alpha numeric that would be awesome.

Any ideas, or alternate function snippets you can share?

Thanks!

MattF

01-28-2010, 06:55 PM

Untested:

function encode_base64($sData){
$sBase64 = base64_encode($sData);
return str_replace('=', '', strtr($sBase64, '+/', '-_'));
}

function decode_base64($sData){
$sBase64 = strtr($sData, '-_', '+/');
return base64_decode($sBase64.'==');
}

Or this one, which uses substr instead of str_replace:

function encode_base64($sData){
$sBase64 = base64_encode($sData);
return substr(strtr($sBase64, '+/', '-_'), 0, -2);
}

function decode_base64($sData){
$sBase64 = strtr($sData, '-_', '+/');
return base64_decode($sBase64.'==');
}

Coastal Web

01-28-2010, 07:15 PM

#2 with substr works like a charm, thanks man; l didn't know that the == was the only non alphanumeric thing in there.

>> edit:

I just realized that somtimes it doesn't have == at the end, but just = ... what would the deal w/that be? It seems that it doesn't matter how many = symbols there are on the end what is the purpose of these.

MattF

01-28-2010, 07:26 PM

Use the first example, (the one using str_replace), if there can be one or two = on the end of the string. The substr method will bugger the hash up if there's only one. :D

I'm not sure if the equals signs are actually necessary on the string or whether they are just a marker, to be honest. Can't say as I've ever checked.

Dormilich

01-28-2010, 07:43 PM

I'm not sure if the equals signs are actually necessary on the string or whether they are just a marker, to be honest. Can't say as I've ever checked.

the equal signs are used to pad the base64 string to match the 6bit/8bit conversion difference. see RFC 4648 (http://tools.ietf.org/html/rfc4648#section-4)

… honestly