PHP Classes
elePHPant
Icontem

Text Encrypter: Encode data to be passed between page scripts

Recommend this page to a friend!
  Info   View files View files (4)   DownloadInstall with Composer Download .zip   Reputation   Support forum (1)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2004-11-05 (11 years ago) RSS 2.0 feedStarStarStarStar 63%Total: 946 All time: 3,658 This week: 1,042Up
Version License Categories
pcgtextencrypter 1.0GNU General Publi...Text processing
Description Author

This class is meant to encode data as text so it can be passed between page scripts for instance in the URL of links.

It uses salt data to be able to detect whether the data has been altered eventually by malicious users during the passages of the data.

Picture of Nilesh Dosooye
Name: Nilesh Dosooye <contact>
Classes: 4 packages by
Country: Mauritius Mauritius

Details
This class is used througout the PCG Framework in all GET Strings.Code Generated from 
phpCodeGenie (PCG) can automatically put the TextEncrypter between your requests.

For more information, check the phpCodeGenie webpage on Sourceforge - 

http://phpcodegenie.sourceforge.net/



Extract taken from the PCG Framework OverView Manual

textEncrypter - Encrypting Data between scripts (requests)
Often times, you have to pass data from one script to another in your web application. 
The means of passing data from one script to another in the same application would be either 
though the SESSION, REQUEST or COOKIE.  While the session can only be modified by your 
application code, REQUEST and COOKIE can be modified by the user, if they know how it works. 

e.g  Lets say I have a script that shows the profile of a user when I pass the the userId to it
 and I pass that userId by a GET string thru the URL

    http://www.someapplication.com/viewUserProfile.php?userId=43254

As the userId is in the get String and visible to all users, malicious users, may try to 
substitute that id for other id and be able to flood or get data they are not supposed to. 
So one needs a way to prevent the users from changing that data, but at the same time 
allow your application to pass it from script to script.

PCG uses the textEncrypyter utility class to achieve that. The textEncrypter encrypts the 
data while transmitting it. Before sending data to another script, the first script encodes
it using the textEncrypter and the receiving script needs to decode it using the textEncrypter
class.  The encryption uses a SALT to encrypt the data. The SALT is like a key. You can put 
whatever secret word you want for it. On encryption and Decryption, the key need to be the same,
otherwise, the textEcrypter will stop the application.

 

The diagram above shows how the text Encrypter works. Lets say have a script that prints a link
to PHP SCRIPT 2 and appends ‘id=356’ to that link. To avoid users being able to change the id, 
PCG encode the ‘356’ using the textEncrypter class, such that the resulting get String will be 
something like ‘id= MjZ8eHl6’. If users try to change the value of that Id in the Get String, on
decoding that value, the textEncrypter will detect that the SALT is not the same and stop the 
application.

Example Code
Php Script 1
<?   
   include_once(CLASS_TEXT_ENCRYPTER);
   $thisTextEncrypter = new TextEncrypter();
   $id = “356”;
   $encryptedId = $thisTextEncrypter->encode($id);
?>
<a href=”phpScript2.php?id=<? echo $encryptedId; ?>”>Link to Script 2</a>

Php Script 2
<?   
    include_once(CLASS_TEXT_ENCRYPTER);
   $thisTextEncrypter = new TextEncrypter();
   $encryptedId = $_REQUEST[‘id’];
   $id = $thisTextEncrypter->decode($id);
   $userProfile = $userManager->getUserById($id);
?>
  Files folder image Files  
File Role Description
Plain text file decodeExample.php Example Example on how to receive encrypted Text and Decode them
Plain text file encodeExample.php Example example of how to encore your data before passing to another scrpt
Plain text file README Doc. What does TextEncrypter do and how to use it?
Accessible without login Plain text file textEncrypter.class.php Class this is the main class for encryption/decryption

 Version Control Unique User Downloads Download Rankings  
 0%
Total:946
This week:0
All time:3,658
This week:1,042Up
User Ratings User Comments (1)
 All time
Utility:80%StarStarStarStarStar
Consistency:85%StarStarStarStarStar
Documentation:80%StarStarStarStarStar
Examples:70%StarStarStarStar
Tests:-
Videos:-
Overall:63%StarStarStarStar
Rank:824