[PHP] Re: Tom->Re: [PHP] session hijacking

Sun, 19 Oct 2003 17:56:05 -0700 

Hi,

Monday, October 20, 2003, 10:38:23 AM, you wrote:
RA> Hi Tom,
RA> Thanks for replying.

>> encrypt the numbers and decrypt them before use, if they wont decrypt to a
RA> nuber
>> ditch the connection. If you need a class for that I can send it to you

RA> Yes please, that should help, but am new to classes so one or two lines on
RA> how to implement them would be priceless.

RA> Cheers,
RA> -Ryan


Here it is
save it in encrypt_class.inc
<?
class encrypt_class{
        var $secret;
        function encrypt_class(){
                $this->secret = 'you should change this to something else';
        }
        Function encode($id){
                $eid = $iv = 0;
                $len = strlen($id);
                $id = $len.'-'.$id;
                $td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
                $key = substr($this->secret, 0, mcrypt_enc_get_key_size ($td));
                $iv = pack("a".mcrypt_enc_get_iv_size($td),$iv);
                mcrypt_generic_init ($td, $key, $iv);
                $eid = base64_encode(mcrypt_generic ($td, $id));
                mcrypt_generic_deinit($td);
          return $eid;
        }
        Function decode($eid){
                $id = $iv = 0;
                $td = mcrypt_module_open (MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
                $key = substr($this->secret, 0, mcrypt_enc_get_key_size ($td));
                $iv = pack("a".mcrypt_enc_get_iv_size($td),$iv);
                mcrypt_generic_init ($td, $key, $iv);
                $id = mdecrypt_generic ($td, base64_decode($eid));
                $len = strtok($id,'-');
                $id = substr($id,(strlen($len)+1),$len);
                mcrypt_generic_deinit($td);
                return $id;
        }
}
//Usage
include('encrypt_class.inc');
$code = new encryptClass();
$num = 123;
$enum = $code->encode($num);
echo   '<a href="'.$_SERVER['PHP_SELF'].'?num='.$enum.'">Test</a>';

//To check it
$num = 0;
if(isset($_GET['num'])){
  $num = $code->decode($_GET['num']);
  if(!intval($num) > 0){
    echo 'Bad input';
    exit;
  }
  //otherwise continue
}
?>

To help prevent problems with stuff like this it is always a good idea to declare
variables before using them, especially with sessions:


$num = 0;
if(isset($_SESSION['num']) $num = $_SESSION['num'];

That way $num won't get poisoned if register_globals is on

-- 
regards,
Tom

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to