Hi,
You said base64_encrypt(), but didn’t you mean base64_encode()?
As you are probably aware, base64 is NOT encryption, it’s just encoding so that you can transfer things around that would normally not be transferable (e.g. ASCII characters that don’t agree with most browsers, or the HTTP spec, such as new lines or binary data within the URL etc.).
My solution to this was to use the mcrypt extension, and pass actually encrypted parameters over so there is no risk of tampering (just as you wanted), but my main use for this is a lot less sensitive - an email form that I can pass any e-mail address to and not worry about abuse.
Take a look at the following example:
    // I'm paranoid OK!
    $crypt_key = "oru-9(£20fjasdiofewfqwfh;klncsahei223gfpaoeighew";

    // Encrypt function: returns the ciphertext base64-encoded so it can go in a URL
    function doEncrypt($encrypt)
    {
        global $crypt_key;
        // mcrypt expects an IV argument; ECB mode does not use it
        $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
        $passcrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $crypt_key, $encrypt, MCRYPT_MODE_ECB, $iv);
        $encode = base64_encode($passcrypt);
        return $encode;
    }

    // Decrypt function: reverses doEncrypt()
    function doDecrypt($decrypt)
    {
        global $crypt_key;
        $decoded = base64_decode($decrypt);
        $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
        $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $crypt_key, $decoded, MCRYPT_MODE_ECB, $iv);
        // Strip the NUL bytes mcrypt adds to pad the last block
        return str_replace("\0", '', $decrypted);
    }
This is using the Rijndael 256-bit block cipher for encryption and decryption… which is fairly secure, but you could choose twofish, tripledes, blowfish… or any other algorithm you feel is suitable and is supported by the mcrypt library.
You could then use it as follows on the page that creates the encrypted link:
$l_secure_query = 'var1=abc&user=whoever&amount=19.42';
$l_encrypted = doEncrypt($l_secure_query);
print ('<a href="whatever.php?' . $l_encrypted . '">Pay Now</a>');
And use this on the page that needs to decrypt the arguments passed:
    if ( ! strlen($_SERVER['QUERY_STRING']) )
    {
        exit ();
    }
    $l_secure_query = null;
    // Decrypt the query string first, then split it into its parameters
    parse_str (doDecrypt($_SERVER['QUERY_STRING']), $l_secure_query);
    print ('You are going to pay: $' . $l_secure_query['amount']);
One thing you have to keep track of is the length of the encrypted data you’re passing around pages… if it gets too big (which it easily can) then some browsers will just bork.
Regards,
- Harry
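
Added example, not part of Harry's post: the same encrypted-link idea written against PHP's openssl extension with AES-256-GCM (mcrypt was removed from core in PHP 7.2), so that a token altered in transit fails authentication and is rejected. The function names, the token layout (IV, then tag, then ciphertext) and the sample key are assumptions made for this example.

```php
<?php
// Added example (hypothetical names). Requires PHP >= 7.1 with ext-openssl.

// URL-safe base64, so the token needs no further escaping in a query string.
function b64urlEncode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// Encrypt and authenticate a query string; token = IV (12) . tag (16) . ciphertext.
function sealQuery(string $query, string $key): string
{
    $iv  = random_bytes(12);            // fresh nonce for every token
    $tag = '';
    $ct  = openssl_encrypt($query, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return b64urlEncode($iv . $tag . $ct);
}

// Returns the decoded parameters, or null if the token is malformed or was modified.
function openQuery(string $token, string $key): ?array
{
    $raw = base64_decode(strtr($token, '-_', '+/'), true);
    if ($raw === false || strlen($raw) <= 28) {
        return null;                    // not base64, or too short to hold IV + tag + data
    }
    $pt = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
                          substr($raw, 0, 12), substr($raw, 12, 16));
    if ($pt === false) {
        return null;                    // authentication failed
    }
    parse_str($pt, $params);
    return $params;
}

// Constructed demo: a real key is 32 random bytes loaded from configuration.
$key   = random_bytes(32);
$token = sealQuery('var1=abc&user=whoever&amount=19.42', $key);
$good  = openQuery($token, $key);
echo 'amount: ', $good['amount'], PHP_EOL;

// Change one character of the token, as someone editing the link would.
$bad    = $token;
$bad[0] = ($bad[0] === 'A') ? 'B' : 'A';
var_dump(openQuery($bad, $key) === null);
```

The token carries 28 bytes of IV and tag on top of the ciphertext, which counts toward the URL length.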