RE: [PHP] running str_replace, it misbehaves!

2009-08-17 Thread Ford, Mike 
 -Original Message-
 From: Allen McCabe [mailto:allenmcc...@gmail.com]
 Sent: 16 August 2009 22:07

[...]
 
 Here is an example of my code:
 
 [code]
 
 ?php
 //ENCRYPT FUNCTIONS
 function format_string($string,$functions)
 { $funcs = explode(,,$functions);
 foreach ($funcs as $func)
 {
 if (function_exists($func)) $string = $func($string);
 }
 return $string;
 }
 function enc_string($string)
 {  $search =
 array(a,b,c,d,e,f,g,h,i,..); //62
 values
  $replace = array(j9,k8,q7,v6,...); //62 values
  $string = str_replace($search, $replace, $string);
  $search2 =
 array(9k,8q,7v,6w,5x,4y,3z,2j,);
 // 126
 values
  $string = str_replace($search2, $replace2, $string);
  return $string;
 }

When you feed array search and replace values to str_replace, it runs them in 
sequence, not in parallel

As you haven't given us a full input alphabet above (and, incidentally, you've 
left out the value of $replace2!), I can't give an example using your encoding, 
so let's just take, for example:
 
$string = 'word';

and feed it through

str_replace(array('d','o','r','w'), array('w9', 'r8', 'o7', 'd6'), $string);

This proceeds as follows:

d - w9 = worw9
o - r8 = wr8rw9
r - o7 = wo78o7w9// Note how TWO r-o7 replaces were made here!
w - d6 = d6o78o7d69  // and similarly w-d6 twice!

I think this gives you a clue as to what is happening -- the same effect will 
occur on your second str_replace, as well, giving you your apparent multiple 
encode problem. If you must do this kind of translation, then you need a 
function that doesn't have this re-replace effect, such as strtr() 
http://php.net/strtr.

But, I have to wonder, why aren't you just using one of the encoding functions 
readily available in PHP, such as md5() or sha1(), or hash()?


Cheers!

Mike
 -- 
Mike Ford,
Electronic Information Developer, Libraries and Learning Innovation,  
Leeds Metropolitan University, C507, Civic Quarter Campus, 
Woodhouse Lane, LEEDS,  LS1 3HE,  United Kingdom 
Email: m.f...@leedsmet.ac.uk 
Tel: +44 113 812 4730




To view the terms under which this email is distributed, please go to 
http://disclaimer.leedsmet.ac.uk/email.htm

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] running str_replace, it misbehaves!

2009-08-16 Thread Allen McCabe 
Hi friends, I'm trying to get an encrypting program working to possibly use
for password insertion into a db.

I set up a function that runs str_replace on a string (user supplied) two
times. It searches for a single letter or number, and replace it with a
pair. The next str_replace searches that new string for different pairs, and
replaces them with a three-character string (symbol, character, character).
I'm using % as my symbol, so I'm pretty sure this isn't the issue.

It encodes, but the resulting string is way longer than expected!

I set sup a decode function, with the same str_replace values, just with the
replaces flipped. This works to return to me my original value, but I have
to decode about 6 times (after encoding once). Basically, running a string
through the encoding function will decode back to its original value, but I
have to run it through the decode function multiple times to do so.

Here is an example of my code:

[code]

?php
//ENCRYPT FUNCTIONS
function format_string($string,$functions)
{ $funcs = explode(,,$functions);
foreach ($funcs as $func)
{
if (function_exists($func)) $string = $func($string);
}
return $string;
}
function enc_string($string)
{  $search = array(a,b,c,d,e,f,g,h,i,..); //62
values
 $replace = array(j9,k8,q7,v6,...); //62 values
 $string = str_replace($search, $replace, $string);
 $search2 =
array(9k,8q,7v,6w,5x,4y,3z,2j,); // 126
values
 $string = str_replace($search2, $replace2, $string);
 return $string;
}
function scrub($input)
{ $string = format_string($input,strip_tags,trim);
 $string = enc_string($string);
 return $string;
}
if(isset($_POST['input']))
{ $input = $_POST['input'];
 $enc_password = scrub($input);
}
//DECRYPT FUNCTIONS
function format_string2($string2,$functions)
{ $funcs = explode(,,$functions);
foreach ($funcs as $func)
{
if (function_exists($func)) $string2 = $func($string2);
}
return $string2;
}
function dec_string($string2)
{ $search3 = array(%A1,%B2,%C3,); // 126 values
 $replace3 = array(9k,8q,7v,...); //126 values
 $string2 = str_replace($search3, $replace3, $string2);
 $search4 = array(j9,k8,q7,..); //62 values
 $replace4 = array(a,b,c,...); //62 values
 $string2 = str_replace($search4, $replace4, $string2);
 return $string2;
}
function scrub_set2($input2)
{ $string2 = format_string2($input2,strip_tags,trim);
 $string2 = dec_string($string2);
 return $string2;
}
if(isset($_POST['input2']))
{ $input2 = $_POST['input2'];
 $dec_password = scrub_set2($input2);
}
?
body

form (posts to itself) 
input type=text name=input id=input value=?php if(isset($input))
echo $input; ? /
 input type=text name=output id=output value=?php
if(isset($enc_password)) echo $enc_password; ? ?php
if(!isset($enc_password)) echo readonly='readonly'; ? /
input type=submit name=submit value=Encrypt /

[/code]

I have a feeling that php is running the functions through the str_replace
functions multiple times. It doesn't seem to mess with the unique-ness I had
to build into it (in order to preserve the string for decoding), but it
makes me nervous if it runs it through multiple times. Does anyone know why
the encoding step results in such a long string? And why do I have to run
decode on the result so many times to change it back?

Any and all help would be greatly appreciated!