Improvements to PHP token tokens

This article mainly introduces the PHP token token of the improvement, has a certain reference value, now share to everyone, the need for friends can refer to

In that version, there is a small problem, because to do reversible encryption, and the encrypted characters are not displayed characters + garbled, so I used the Base64 to deal with it, so that there will be no garbled and non-display characters.

It was because of the use of Base64 that there was a problem when sending this token through the Get method.
For example: http://test/test.php?a=1+2
You use $_get["a"] to obtain is: 1 2, that is, the plus sign is gone. At first I used UrlEncode to convert it, but there were always one or two of the results that were unexpected.
Later think of the Base64 character is limited to: [a-za-z0-9\+\/=] So many, plus the problem, I will replace the plus sign with no problem, underline is the best choice. The following is the modified code:
GEncrypt.inc.php

<?php class Gencrypt {protected static function KeyED ($txt, $encrypt _key) {$encrypt _key = MD5 ($encrypt _key);    $ctr = 0;    $tmp = "";     for ($i = 0; $i < strlen ($txt); $i + +) {if ($ctr = = strlen ($encrypt _key)) $ctr = 0;     $tmp. = substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1);    $ctr + +;   } return $tmp; The public static function encrypt ($txt, $key) {$encrypt _key = MD5 ((float) Date ("Ymdhis") + rand (10000000000 000000, 99999999999999999)).    Rand (100000, 999999));    $ctr = 0;    $tmp = "";     for ($i = 0; $i < strlen ($txt); $i + +) {if ($ctr = = strlen ($encrypt _key)) $ctr = 0; $tmp. = substr ($encrypt _key, $ctr, 1).     (Substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1));    $ctr + +;   } return (Preg_replace ("/\\+/s", "_", Base64_encode (self::keyed ($tmp, $key))); }//base64 [a-za-z0-9\+\/=] public static function decrypt ($txt, $key) {if ($txt = = "") {return false;}     Echo preg_replace ("/_/s", "+", $txt);    $txt = self::keyed (Base64_decode (Preg_replace ("/_/s", "+", $txt)), $key);    $tmp = "";     for ($i = 0; $i < strlen ($txt); $i + +) {$MD 5 = substr ($txt, $i, 1);     $i + +;    $tmp. = (substr ($txt, $i, 1) ^ $md 5);   } return $tmp; }}?>

GToken.inc.php

<?php/** * Principle: When requesting token allocation, find a way to assign a unique token, base64 (time + rand + action) * If submitted, this token is recorded to indicate that the token is used and can be avoided by   No duplicate submissions. * */class GToken {/** * gets all current tokens * * @return array */public static function Gettokens () {$tok    ENS = $_session[gconfig::ssn_key_token];    if (Empty ($tokens) &&!is_array ($tokens)) {$tokens = array ();   } return $tokens;  }/** * Generates a new token * * @param string $formName * @param encryption Key $key * @return String */public static    function Newtoken ($formName, $key = gconfig::encrypt_key) {$token = Gencrypt::encrypt ($formName. session_id (), $key);   return $token;    }/** * Removes tokens, actually adding an element to an array in the session, stating that the token has been used to avoid repeated data submissions.    * * @param string $token */public static function Droptoken ($token) {$tokens = Self::gettokens ();    $tokens [] = $token;   Gsession::set (Gconfig::session_key_token, $tokens); }/** * Check if the token is specified * * @param string $token The token value to check *@param string $formName * @param boolean $fromCheck whether to check for routing, or true to determine if the session_id attached to token is the same as the current session_id. * @param string $key encryption Key * @return Boolean */public static function Istoken ($token, $formName, $fromCheck = False,    $key = Gconfig::encrypt_key) {if (empty ($token)) return false;    $tokens = Self::gettokens ();    if (In_array ($token, $tokens))//If present, the description is with the used token return false;    $source = Gencrypt::d ecrypt ($token, $key);    if ($fromCheck) return $source = = $formName. session_id ();    else{return Strpos ($source, $formName) = = = 0; }} public static function Gettokenkey ($token, $key = Gconfig::encrypt_key) {if ($token = = NULL | | Trim ($token) = = ""    ) return false;    $source = Gencrypt::d ecrypt ($token, $key); return $source! = ""?   Str_replace (session_id (), "", $source): false;    Public Function Newtokenforsmarty ($params) {$form = null;    Extract ($params);   Return Self::newtoken ($form); }}?>

The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to topic.alibabacloud.com!