This article mainly introduces the PHP token token of the improvement, has a certain reference value, now share to everyone, the need for friends can refer to
In that version, there is a small problem, because to do reversible encryption, and the encrypted characters are not displayed characters + garbled, so I used the Base64 to deal with it, so that there will be no garbled and non-display characters.
It was because of the use of Base64 that there was a problem when sending this token through the Get method.
For example: http://test/test.php?a=1+2
You use $_get["a"] to obtain is: 1 2, that is, the plus sign is gone. At first I used UrlEncode to convert it, but there were always one or two of the results that were unexpected.
Later think of the Base64 character is limited to: [a-za-z0-9\+\/=] So many, plus the problem, I will replace the plus sign with no problem, underline is the best choice. The following is the modified code:
GEncrypt.inc.php
<?php class Gencrypt {protected static function KeyED ($txt, $encrypt _key) {$encrypt _key = MD5 ($encrypt _key); $ctr = 0; $tmp = ""; for ($i = 0; $i < strlen ($txt); $i + +) {if ($ctr = = strlen ($encrypt _key)) $ctr = 0; $tmp. = substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1); $ctr + +; } return $tmp; The public static function encrypt ($txt, $key) {$encrypt _key = MD5 ((float) Date ("Ymdhis") + rand (10000000000 000000, 99999999999999999)). Rand (100000, 999999)); $ctr = 0; $tmp = ""; for ($i = 0; $i < strlen ($txt); $i + +) {if ($ctr = = strlen ($encrypt _key)) $ctr = 0; $tmp. = substr ($encrypt _key, $ctr, 1). (Substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1)); $ctr + +; } return (Preg_replace ("/\\+/s", "_", Base64_encode (self::keyed ($tmp, $key))); }//base64 [a-za-z0-9\+\/=] public static function decrypt ($txt, $key) {if ($txt = = "") {return false;} Echo preg_replace ("/_/s", "+", $txt); $txt = self::keyed (Base64_decode (Preg_replace ("/_/s", "+", $txt)), $key); $tmp = ""; for ($i = 0; $i < strlen ($txt); $i + +) {$MD 5 = substr ($txt, $i, 1); $i + +; $tmp. = (substr ($txt, $i, 1) ^ $md 5); } return $tmp; }}?>
GToken.inc.php
<?php/** * Principle: When requesting token allocation, find a way to assign a unique token, base64 (time + rand + action) * If submitted, this token is recorded to indicate that the token is used and can be avoided by No duplicate submissions. * */class GToken {/** * gets all current tokens * * @return array */public static function Gettokens () {$tok ENS = $_session[gconfig::ssn_key_token]; if (Empty ($tokens) &&!is_array ($tokens)) {$tokens = array (); } return $tokens; }/** * Generates a new token * * @param string $formName * @param encryption Key $key * @return String */public static function Newtoken ($formName, $key = gconfig::encrypt_key) {$token = Gencrypt::encrypt ($formName. session_id (), $key); return $token; }/** * Removes tokens, actually adding an element to an array in the session, stating that the token has been used to avoid repeated data submissions. * * @param string $token */public static function Droptoken ($token) {$tokens = Self::gettokens (); $tokens [] = $token; Gsession::set (Gconfig::session_key_token, $tokens); }/** * Check if the token is specified * * @param string $token The token value to check *@param string $formName * @param boolean $fromCheck whether to check for routing, or true to determine if the session_id attached to token is the same as the current session_id. * @param string $key encryption Key * @return Boolean */public static function Istoken ($token, $formName, $fromCheck = False, $key = Gconfig::encrypt_key) {if (empty ($token)) return false; $tokens = Self::gettokens (); if (In_array ($token, $tokens))//If present, the description is with the used token return false; $source = Gencrypt::d ecrypt ($token, $key); if ($fromCheck) return $source = = $formName. session_id (); else{return Strpos ($source, $formName) = = = 0; }} public static function Gettokenkey ($token, $key = Gconfig::encrypt_key) {if ($token = = NULL | | Trim ($token) = = "" ) return false; $source = Gencrypt::d ecrypt ($token, $key); return $source! = ""? Str_replace (session_id (), "", $source): false; Public Function Newtokenforsmarty ($params) {$form = null; Extract ($params); Return Self::newtoken ($form); }}?>
The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to topic.alibabacloud.com!