Coldfusion - encryption

Hello experts.
I need help to understand how the ebay encryption for bidders is working.
f.e on this page : http://offer.ebay.com/ws/eBayISAPI.dll?ViewBids&_trksid=p4340.l2565&rt=nc&item=140667065570
the bidder is :  z***d

I use encryption on my page like:
<cfset request.encryptkey = 'mykey' />
<cfset hiddenuser = Encrypt(emailaddress, request.encryptkey,'AES','BASE64') />
<cfoutput>#hiddenuser#</cfoutput>
but this way i get a very large string.I also cannot imagine how i can get unique hiddenusers showing only the first and the last letter.
Any help?
LVL 2
PanosAsked:
Who is Participating?
 
SidFishesConnect With a Mentor Commented:
well it's up to you to decide how to handle that but this is a way. For 3 usernames that start and end with e & s  it produces the output

aid=e***s
aid=e***s_1
aid=e***s_2



<cfoutput><cfset TempQry= querynew("")>
 
<cfset queryaddcolumn  (TempQry, "id", "CF_SQL_integer", ListToArray("1,2,3"))>
<cfset queryaddcolumn  (TempQry, "uname", "cf_sql_varchar", ListToArray("ebayuser12321s,elephants,ebaymees"))>
<cfset queryaddcolumn  (TempQry, "userid", "cf_sql_varchar", ListToArray("2BmkhKINVpiqmtaQ5zvzuquJhbhSrQ, al0023nlnjcnnnclsa, 9234kjhaklslljalsdh"))>

<cfdump var=#tempqry#>
<!--- above are runtime queries just to show example data.  --->

<!--- create an empty variable to hold our list --->
<cfparam name="aidList" default="">

<cfloop query="tempqry">
<cfset username = tempqry.uname>
<cfset eu = tempqry.userid>
<cfset aid = left(username, 1) & "***" & right(username,1)>
<!--- check to see if the list has this aid --->
<cfif listfindnocase(aidlist,aid)>
      <!--- if yes then we need to modify for display --->
      <cfif not isdefined("aidSuffix")>
      <!--- we'll create a numerical suffix to handle multiple matches  --->
            <cfset aidSuffix = 1>
      <cfelse>
            <!--- increment if list already exists --->
            <cfset aidSuffix = aidsuffix + 1>
      </cfif>
<cfset aid = aid & "_" & aidsuffix>
<cfset aidList = listappend(aidList,  aid)>
<cfelse>
<cfset aidList = listappend(aidList, aid)>
</cfif>
aid=#aid#<br>
eu="#eu#
<hr>
</cfloop>



</cfoutput>
0
 
Scott CraigWebmasterCommented:
Ebay doesn't use unique values for these usernames - they are simply putting asterisks in place of the actual values for everything but the first and last characters.  I don't think there is any way you can get a unique value with two letters and blank spaces if you have any larger number of users.
0
 
PanosAuthor Commented:
Hi sgroppenbecker.
There must be a trick.
Look on this page:
http://offer.ebay.com/ws/eBayISAPI.dll?ViewBids&_trksid=p4340.l2565&rt=nc&item=200691834564

some bidder have number instead of letters.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
_agx_Commented:
(no points ...)

panosms - I'm not sure what  you're asking.  Are you trying to interface with ebay's api or just emulate how it masks usernames?
0
 
PanosAuthor Commented:
Hi agx.
I want to emulate how it masks usernames.
0
 
SidFishesCommented:
If you look at the URL, I'm guessing that the e***s in the following is for display only. The real bidder id is probably the eu value (KaU%2BmkhKINVpiqmtaQ5zvzuquJhbhSrQ)

eu = ebay user? maybe

"http://offer.ebay.com/ws/eBayISAPI.dll?ViewBidderProfile&mode=1&item=200691834564&aid=e***s&eu=KaU%2BmkhKINVpiqmtaQ5zvzuquJhbhSrQ&view=NONE&ssPageName=PageBidderProfileViewBids_None_ViewLink">

this way the "encrypted" which is more accurately called a masked id e***s is of little meaning in this context

they probably do something like (not that they are using CF but...)


<cfset session.login.userid='KaU%2BmkhKINVpiqmtaQ5zvzuquJhbhSrQ'>
<cfset session.login.username="ebayuser12321s">
<cfset username = session.login.username>
<cfset eu = session.login.userid>
<cfset aid = left(username, 1) & "***" & right(username,1)>

then output as

<cfoutput>http://offer.ebay.com/ws/eBayISAPI.dll?ViewBidderProfile&mode=1&item=200691834564&aid=#aid#&eu=#eu#</cfoutput>


which is http://offer.ebay.com/ws/eBayISAPI.dll?ViewBidderProfile&mode=1&item=200691834564&aid=e***s&eu=KaU%2BmkhKINVpiqmtaQ5zvzuquJhbhSrQ 

of course this is a guess but I'm pretty sure it's something like this

0
 
PanosAuthor Commented:
Hi SidFishes.
You are guessing that it could be f.e the first and the last letter of username or email or......
I was wondering what i'm going to do if i have bidders with the same first and last letter?
I must somehow show that they are different user
Any idea?
0
 
PanosAuthor Commented:
Thank you SidFishes.
I have to handle this in a different way but the idea is exactly what i need.
0
 
PanosAuthor Commented:
Thank you very much
regards panos
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.