|
PHP - Encrypting Query Parameters
Hello All,
I have created a web application. Unfortunately at development time I forgot to encrypt my query parameter. So generally my apply URL shown like : http://mysite.com/myprofile.php?userId=2 So here any user can guess some other Ids because User Ids are not encrypted in URL. Is there any simple way to do it. I have more than 100 php pages and implementing ecry/decry logic on each page is time consuming So is there any way around? Regards, Prateek Similar TutorialsHello, I have made some dynamic code that performs a query on the SQL database, I only know that query at run time. However, after reading some more about PHP, I noticed that I need to include the function mysql_real_escape_string before doing this line: @mysql_query( $aStatement); So, how can I read that $aStatement and then call the mysql_real_escape_string function for each needed parameter? Thanks. So I'm creating a website for bar deals... I've tried for hours trying to get the url to take in more than one parameter with no luck, I don't know if my database isn't setup correctly or something but the url would look like this http://www.site.com/?id=1&day=Monday and when those parameters are passed the deals for that id and day are then posted in the content area I'm pretty much stumped. I feel like it's much easier than I am making it. My database looks like: ID Name Monday Tuesday Wednesday -> and so on 1 Bar1 MondayDeal TuesdayDeal WednesdayDeal 2 Bar2 MondayDeal -> and so on I am calling CURL and trying to do a POST request with parameters: Code: [Select] $curl = curl_init(); curl_setopt($curl, CURLOPT_HTTPHEADER, Array("Accept: application/json", "Content-Type: application/json")); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($curl, CURLOPT_USERAGENT, "curl 7.23.1 (x86_64-unknown-linux-gnu)"); curl_setopt($curl, CURLOPT_USERPWD, "username:password"); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_URL, "https://www.mydomain.com/route"); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, "key1=blah1&key2=blah2"); return curl_exec(curl); The problem, inside the request at http://www.mydomain.com/route I am not seeing any POST parameters passed. I.E. Code: [Select] print_r($_POST); Code: [Select] Array ( ) Should have key1=blah1 and key2=blah2. Any ideas? So I am trying to encrypt my web form and I have no idea where I put MD5 and where do I put it in MSQLADM <?php session_start(); include "common.php"; $message = $_GET['message']; //COLLECT POST data $formValue=array(); foreach ($_POST as $key => $value) { $formValue[$key] = strip_tags($value); //Lets register some POST Backs //This will allow us to repopulate form fields in the future if needed $_SESSION['post_vars'][$key] = $value; }//close for loop $myform = $_GET['CreateRecord']; if($myform==1){ //echo "test"; //Check for empty fields if($formValue['FirstName']=="" || $formValue['Surname']=="" || $formValue['UserName']=="" || $formValue['Email']=="" || $formValue['PassWord']=="" ){ $message = "missing form data, please check" ; header("Location: register.php?message=$message"); }else{ //Carry on with routine DBConnect(); $Link = mysql_connect($Host, $User, $Password); //$agentID = $_SESSION['userID']; $agentID = "1"; $Query = "INSERT INTO $Table_2 VALUES ('0', '".mysql_escape_string($formValue["FirstName"])."', '".mysql_escape_string($formValue["Surname"])."', '".mysql_escape_string($formValue["UserName"])."', '".mysql_escape_string($formValue["Email"])."', '".mysql_escape_string($formValue["PassWord"])."')"; if(mysql_db_query ($DBName, $Query, $Link)){ $message = "Successfully Registered!"; header("Location: login.php?message=$message"); }else{ $message = "Error Inserting!"; header("Location: register.php?message=$message"); }//close db query conditional }//close form validation conditional }//close form submit conditional ?> Thanks in advance Hi So I'm very new to php, and I've got a POST form with credit card information. Can anyone please explain to me in simple terms or give me a code to encrypt the data sent on the form and decrypt it so that when I get it in my email inbox I can understand it? Thank you! Whats the best way to encrypt passwords? Would something like this work? Code: [Select] crypt(sha1($salt.md5($salt).'hello'.sha1($salt)), $salt) Hi, I am trying to create .htaccess and .htpasswd files in PHP using fopen and fwrite. But I don't think I'm encrypting the password correctly for the .htpasswd file. When I enter the username and password on the protected page, I am asked to enter them again. My error logs say "Password Mismatch". I have tried encrypting with: $encrypwd = crypt($pwd); and $encrypwd = md5($pwd); my username, password and create .htpasswd code $name = "6"; $pwd = "6"; $hpfile = $name."/private/.htpasswd"; $fh2 = fopen($hpfile, 'w') or die("can't open file"); $stringData = $name.":".$encrypwd; fwrite($fh2, $stringData); fclose($fh2); When I create a .htpasswd manually (entering the username and using an online htpasswd generator for the encrypted password) I am successful. I am using Xampp Lite, Windows 7, PHP Version 5.3.1 In case it matters Thanks I'd like to play music in the background of a page, but don't want to display the url of the music files in the source code or encrypt it. Is that possible to do using php? I'm using PHP and MySQL. I have an application where I'd like to keep certain database (character) fields encrypted when added to the database and stored, but when I need to display them at the appropriate time, I can call a function and quickly decrypt them for display. Does anyone know of a simple way to do this? Thanks! I have some function or method. Is there a better design patter to implement this?
function myFunction($a=null,$b=null,$c=null,$d=null,$e=null,$f=null,$g=null,$h=null)
{
//Do a bunch of stuff
}
Maybe the second function?
function myNewFunction($data=array())
{
$data=array_merge(array('a'=>null,'b'=>null,'c'=>null,'d'=>null,'e'=>null,'f'=>null,'g'=>null,'h'=>null),$array);
//Do a bunch of stuff
}
Please provide decision making factors why you would use one approach over the other.
I got two links with a parameter with a value. When I click either link it will send me to the same challenge.php page, I'm wanting to find the value of the parameter and display the page according to what value the parameter has in the url. This script doesn't seem to be working. Code: [Select] <a href="http://www.site.com/challenge.php?id=1">Complete Challenge 1</a> <a href="http://www.site.com/challenge.php?id=2">Complete Challenge 2</a> Code: [Select] $id = $_GET['id']; if ($id=1) { echo "This is challenge 1 completed"; } elseif ($id=2) { echo "This is challenge 2 completed"; else { echo "The URL parameters didn't work"; } Any help would be appreciated thanks.
Not experienced coding PHP and need help doing something which is probably very easy but looks like Mt Everest to me. FOO = 123456 BAR = abc Then, write URLs with those variables and have them work the same in a browser:
http://webpage1.com/?var1=FOO&var2=BAR
http://webpage2.com/?var1=FOO&var2=BAR
http://webpage3.com/?var1=FOO&var2=BAR If I update the fields in my local webpage and refresh browser, would like the new value(s) to be used instead. Any help with this greatly appreciated. If someone will put a file together think that I can edit and modify from there for my specific application. Thank you. Edited December 1, 2020 by XcloneIs there an alternative way to encode url params besides: base64_encode() examples would be great. Hello all, I'm kind of a noob to PHP, and as such have been teaching myself the language. I'm attempting to insert tag attributes in divs, based on whether the site is viewed in IE or Firefox, to account for subtle differences in appearance. The problem, however, is that the variable $boxorlink apparently has the value "box" the second time I call the method, even though I explicitly state "other" as the parameter; the else clause is never reached. If anybody could tell me why this is happening, please let me know. My entire HTML code is below... <html> <head> <style type ="text/css"> html { background-image:url('denim.jpg'); } .wrapper { min-width:600px; width:600px; height:800px; position:fixed; } .headertext { font-weight:bold; color:#FFFFFF; font-size:24pt; font-family:sans serif; text-shadow: 0.1em 0.1em #333 } .miniheadertext { font-weight:bold; color:#FFFFFF; font-size:16pt; font-family:sans serif; text-shadow: 0.1em 0.1em #333 } div.transbox { width:750px; height:180px; margin:30px 50px; border-style:solid; border-color:#c0c0c0; background-color:#000000; /* for IE */ filter:alpha(opacity=30); /* CSS3 standard */ opacity:0.3; } div.currentpagelink { width:90px; height:22px; margin:30px 50px; background-color:#c0c0c0; font-color:#FFFFFF; font-weight:bold; font-size:14pt; font-family:sans serif; text-align:center; /* for IE */ filter:alpha(opacity=40); /* CSS3 standard */ opacity:0.4; } } div.otherpagelinks { width:100px; height:50px; font-size:14pt; font-family:sans-serif; } </style> <title> Marvin Serrano's Online Portfolio </title> <?php function checkBrowser($boxorlink, $left, $top, $displaceleft, $displacetop) { //new positions for Firefox $newleft = $left + $displaceleft; $newtop = $top + $displacetop; //positions for links... $newlinkleft = $left - $displaceleft; $newlinktop = $top - $displacetop; //checks for box on top or links; links have to be certain % from top. if ($boxorlink = 'box') { if (strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== FALSE) { echo('left:'.$left.'%'); } else { echo('left:'.$newleft.'%'); } } elseif ($boxorlink = 'other') { if (strpos($_SERVER['HTTP_USER_AGENT'],'MSIE') !== FALSE) { echo('left:'.$left.'%;'.'top:'.$top.'%'); } else { echo('left:'.$newlinkleft.'%;'.'top:'.$newlinktop.'%'); } } } ?> </head> <div class="wrapper"> <div class ="transbox" style="position:absolute; <?php checkBrowser('box',19,0,9,0) ?>"> <div class ="headertext" style="position:absolute; left:30%; top:30%">MARVIN SERRANO</div> <div class ="miniheadertext" style="position:absolute; left:29%; top:55%">Live for today, dream for tomorrow.</div> </div> <div class ="currentpagelink" style="position:absolute; <?php checkBrowser('other',38.1,26.3,10.1,3) ?>"> Home </div> <div class="otherpagelinks"> </div> </div> </html> -Marvin Hi, I develop some functions in PL/SQL and PL/PgSQL. In these languages are IN and OUT parameters in Functions and Store Procedures. There is IN and OUT parameters in PHP Functions? Sorry my bad english. Best Regards, Hi hello, Right now I have this generated URL: mywebsite.com/thisismypage?compare0=50&compare1=112&compare2=512 Is there anyway to "extract" the 50, 112, and 512 dynamically? Those numbers are the Item ID's, I need them for further operations. So is there a way to extract the IDs, maybe into an array? The ID's are dynamically rendered, as well as the "compare#". Not sure if I am being clear... hopefully this makes sense. All help is appreciated. Thank you. I am making a function it returns one thing, but I would the like to put something into a variable to use outside the function. for example, the third parameter in preg_match() sets a variable that you can then use later in your code, how can I create a parameter like that? Hi all, I need to get a parameter from an url, but the GET variables are passed through urldecode(). Some of my variables may have characters such as "+", ":", spaces, etc. When I use GET, all "+" are converted to spaces. I can use urlencode to get the "+" back, but also everything that was previously a space also turns into "+". Example: variable = abc+ c+:d Then I can get either: abc c :d or abc++c+:d but I want to get abc+ c+:d Would anybody know how to help me? Thanks! Hi everybody, I wrote a web service and I need to pass parameters through url in order to make a record in a mysql db. The problem is that when I insert greek characters in url it translates it to something like this http://xxxxxx.xx/test3.php?name=%CD%E9%EA%EF%F2&pass=234 and I got an error. Does anybody have a suggestion? Please help because I search for this many hours and still nothing. Thanks for your time This thread is about what you can and cannot call Variables and Parameters in a Function... I have this query which returns 1 or 2 for $gender... Code: [Select] // Check # of Records Returned. if (mysqli_stmt_num_rows($stmt1)==1){ // Member was Found. // Bind result-set to variables. mysqli_stmt_bind_result($stmt1, $firstName, $username, $photoName, $photoLabel, $gender, $birthYear, $location, $occupation, $interests, $aboutMe); And here is my Function... Code: [Select] function displayGender($gender){ if ($gender == 1){ $gender = 'Male'; }elseif ($gender == 2){ $gender = 'Female'; }else{ $gender = ''; } return $gender; }//End of displayGender Questions: 1.) Is it a problem having $gender as both my Parameter and Argument? 2.) Is it a problem renaming $gender inside the Function like I do? 3.) Is it a problem returning $gender like I do? Thanks, Debbie |
|||||||