4

I need to pass some encrypted value through URL. Is there any way to avoid some characters such as slash (/) in the value we are getting after encryption? Because in codeigniter, character such as slash is used for separating parameters in the URL. Please note that i don't want any suggestion to don't pass the encrypted string in URL :)

Improve this question
1
  • What i want is an encoding or encrypting methods which will not produce slash(/) in the result. Commented May 2, 2012 at 10:10

4 Answers 4

Reset to default
7

Use the PHP urlencode function after encryption: http://php.net/manual/en/function.urlencode.php and use urldecode in the script that's processing the GET data.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

best one but please confirm one more thing would it cause too long URL error?
5 
class MY_Encrypt extends CI_Encrypt
{

    function encode($string, $key="", $url_safe=TRUE)
    {
        $ret = parent::encode($string, $key);

        if ($url_safe)
        {
            $ret = strtr(
                    $ret,
                    array(
                        '+' => '.',
                        '=' => '-',
                        '/' => '~'
                    )
                );
        }

        return $ret;
    }


    function decode($string, $key="")
    {
        $string = strtr(
                $string,
                array(
                    '.' => '+',
                    '-' => '=',
                    '~' => '/'
                )
            );

        return parent::decode($string, $key);
    }
}

-

$key = $this->config->item('encryption_key');

$outboundlink = urlencode( $this->encrypt->encode($segment, $key, TRUE) );

$inboundlink  = rawurldecode( $this->encrypt->decode( $segment, $key) );
Improve this answer

Comments

0

One idea is to represent encrypted string as hex using only 0-9 and a-f and optionally x.

But i suggest you to use TLS (better SSL) for protecting your data, because now you probably encrypt data using JS so keys are visible to attacker.

Do not call current scheme security or encryption, but just obfuscation.

Improve this answer

1 Comment

OP's asking how to pass an encrypted string to the url, not how to encrypt, nor how to protect data; he's encrypting (CI has a native encryption class, he might be using that), like it or not, and now needs to pass the encrypted data without messing with the router class
-2

What you want is not an encryption (which implies security) but an encoding. In practice, your options are basically:

  • urlencode (Use this if you want the string to be somewhat legible. This also will give you a shorter string than the other two options)
  • base64 (use this if you don't want the string to be legible and also want to conserve space in your string)
  • hex (use this if you don't want the string to be legible and you don't care about string length)

I wouldn't choose hex. Decide whether you want the string to be legible and pick one of the two first.

Improve this answer

4 Comments

What's so difficult to understand: OP has en encrypted string (yes, encrypted. CI has a native encryption class, he might be using that), and now wants to pass it to the url. What makes you think OP doesn't know the difference between encoding and encryption?
Ya i need an encoding but which is not producing values such as slash.
OK apologies, I understand now that the string is already encrypted and then it needs to be encoded. Sorry about that.
Then you can edit this for the better or remove this inappropriate answer..!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.