Solved

php encryption / compression for putting data in a URL

Posted on 2008-10-21
6
952 Views
Last Modified: 2011-10-03
We are planning to transmit data between web pages using the url. Sort of the following exmaple:

http://www.mysite.com/?data=data_to_be_transmitted_here

We are looking for the best encrypting algorithm to make "data_to_be_trasmitted_here" obscure to the end user. It doesn't have to be secure, just unreadable. We though of using base64_encode() , but ideally we can also compress, so the end result takes less space than the original input string. Is there any other PHP functions / libraries we can use for this?

Again, the requirements are: find a PHP function or library to create an unreadable string, that don't contain special characters (so we can put it on a url) and it is compact, or even smaller than the input string, and that can be decoded back to its original.
0
Comment
Question by:cabrera48
  • 2
  • 2
  • 2
6 Comments
 
LVL 15

Expert Comment

by:MMDeveloper
ID: 22769877
is using a database an option? You can put the raw query string in a database and simply reference a row number

mysite.com?data=23

Maybe use sessions to store the data and you dont need to use a query string at all?

I'm not sure how the URL's will be hit (get, post, etc)
0
 

Author Comment

by:cabrera48
ID: 22770143
Unfortunately we can't use sessions or database due to the nature of our application.

In a nutshell, we'll have hundreds of links per page, we are trying to avoid db access as much as possible, and we have some problems with sessions going off-synch when user right-click links and open new browser tabs, and goes back and forth clicking through the different instances of the browsers (the data we are passing thru is a combination of historical / hierarchical clicktrhoughs).

It's kind of a long story to explain, but we can't use database or sessions. Everything has to be appended to the url as specified above.

0
 
LVL 15

Accepted Solution

by:
MMDeveloper earned 300 total points
ID: 22770277
how about this
function compressCrypt($string) {

	return base64_encode(gzcompress($string, 9));

}
 

function decompressCrypt($string) {

	return gzuncompress(base64_decode($string));

}
 
 

compressed and base64 encoded: compressCrypt("your query string");
 

and to return
 

decompressCrypt("your encoded query string");

Open in new window

0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 200 total points
ID: 22770744
This might be useful, depending on the character set you want to use.  HTH, ~Ray
/* ************************************************************************* */

function encode_word($string, $code=0) {
 

	$clear_text	= '$%-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz';

	$scrambled	= 'fjAEokIOzU2q13_h5w794p@6s8B.gPdFVmDTcSZe%rlGKuCyJxHiQLt-RMa$NvWYnb0X';
 

	$reg_text = "[" . $clear_text . "]";

	if (!ereg("$reg_text", $string)) {

return false; }
 

	$cryptodo	= $scrambled;
 

	$string_l	= strlen($string);

	while ($string_l > 0) { $cryptodo .= $scrambled; $string_l--; }
 

	$scramb_l	= strlen($scrambled);

 	$code		= intval($code);

	if ($code > $scramb_l) { $code = 0; }

	if ($code < 0) { $code = 0; }
 

	$kode = $code;

	while ($kode > 0) { $cryptodo .= $scrambled; $kode--; }
 

	$cryptodo	= substr($cryptodo,$code);
 

	$string_l	= strlen($string);
 

	$encoded_string = '';

	while ($string_l > 0) {

		$byte			= substr($string, 0, 1);

		$index			= strpos($clear_text, $byte); 

		$encoded_string	.= substr($cryptodo,$index,1);

		$string			= substr($string,1);

		$cryptodo		= substr($cryptodo, $index+$code);

		$string_l--;

	}

return ($encoded_string);

}

/* ************************************************************************* */
 

/* ************************************************************************* */

function decode_word($string, $code=0) {
 

	$clear_text	= '$%-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz';

	$scrambled	= 'fjAEokIOzU2q13_h5w794p@6s8B.gPdFVmDTcSZe%rlGKuCyJxHiQLt-RMa$NvWYnb0X';
 

	$cryptodo	= $scrambled;
 

	$string_l	= strlen($string);

	while ($string_l > 0) { $cryptodo .= $scrambled; $string_l--; }
 

	$scramb_l	= strlen($scrambled);

 	$code		= intval($code);

	if ($code > $scramb_l) { $code = 0; }

	if ($code < 0) { $code = 0; }
 

	$kode = $code;

	while ($kode > 0) { $cryptodo .= $scrambled; $kode--; }
 

	$cryptodo	= substr($cryptodo,$code);
 

	$string_l	= strlen($string);
 

	$decoded_string = '';

	while ($string_l > 0) {

		$byte			= substr($string, 0, 1);

		$index			= strpos($cryptodo, $byte);

		$decoded_string	.= substr($clear_text,$index,1);

		$string			= substr($string,1);

		$cryptodo		= substr($cryptodo, $index+$code);

		$string_l--;

	}

return ($decoded_string);

}

/* ************************************************************************* */

Open in new window

0
 

Author Comment

by:cabrera48
ID: 22772554
Both approaches do work, thanks guys.

Looks like base64 will still produce long strings, even if we gzcompress($str,9)  prior to feeding the base64_encode() function.

I just wish there was a way to produce smaller, more compact strings, but given the odd conditions of this application we are willing to live with that.

Thanks
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 22775096
You might be able to produce shorter strings if you use a reduced character set.  For example, if you limit yourself to 32 characters, you can get your "alpahbet" into 5 bits.  This can give you a 3-characters in 2-bytes compression.  Another way might be to use a lookup table that associates certain characters in certain positions with an expanded meaning.  For example, an "A" in position #1 means something unique, etc.  In any case, thanks for the points and good luck with your application.   Best, ~Ray
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Online file editor, manager 6 56
PHP7 and Sql Server Windows 2008 R2 13 81
php call to a non-object 3 31
Load google maps api into wordpress 5 35
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now