Hi, Monday, October 20, 2003, 10:38:23 AM, you wrote: RA> Hi Tom, RA> Thanks for replying.
>> encrypt the numbers and decrypt them before use, if they wont decrypt to a RA> nuber >> ditch the connection. If you need a class for that I can send it to you RA> Yes please, that should help, but am new to classes so one or two lines on RA> how to implement them would be priceless. RA> Cheers, RA> -Ryan Here it is save it in encrypt_class.inc <? class encrypt_class{ var $secret; function encrypt_class(){ $this->secret = 'you should change this to something else'; } Function encode($id){ $eid = $iv = 0; $len = strlen($id); $id = $len.'-'.$id; $td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""); $key = substr($this->secret, 0, mcrypt_enc_get_key_size ($td)); $iv = pack("a".mcrypt_enc_get_iv_size($td),$iv); mcrypt_generic_init ($td, $key, $iv); $eid = base64_encode(mcrypt_generic ($td, $id)); mcrypt_generic_deinit($td); return $eid; } Function decode($eid){ $id = $iv = 0; $td = mcrypt_module_open (MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""); $key = substr($this->secret, 0, mcrypt_enc_get_key_size ($td)); $iv = pack("a".mcrypt_enc_get_iv_size($td),$iv); mcrypt_generic_init ($td, $key, $iv); $id = mdecrypt_generic ($td, base64_decode($eid)); $len = strtok($id,'-'); $id = substr($id,(strlen($len)+1),$len); mcrypt_generic_deinit($td); return $id; } } //Usage include('encrypt_class.inc'); $code = new encryptClass(); $num = 123; $enum = $code->encode($num); echo '<a href="'.$_SERVER['PHP_SELF'].'?num='.$enum.'">Test</a>'; //To check it $num = 0; if(isset($_GET['num'])){ $num = $code->decode($_GET['num']); if(!intval($num) > 0){ echo 'Bad input'; exit; } //otherwise continue } ?> To help prevent problems with stuff like this it is always a good idea to declare variables before using them, especially with sessions: $num = 0; if(isset($_SESSION['num']) $num = $_SESSION['num']; That way $num won't get poisoned if register_globals is on -- regards, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php