I believe everyone knows about the encryption and decryption function of Discuz. the authcode function can be said to have contributed a lot to the PHP field. I really found that the discuz function is wonderful. After studying this algorithm, we can summarize it into the following three points: 1. Dynamic. the same string uses the same key, and each encrypted password is different. the only decryption method is to put the decrypted information on the ciphertext. 2. timeliness. you can add a time limit parameter in seconds. In fact, the time is added to the ciphertext. 3. uniformity, encryption, and decryption all use the same function, and simple XOR algorithms are used. This function has the above functions, so there are many applicable environments. it is generally used for anti-fake interfaces when users log on to and develop APIs. // $ String: plaintext or ciphertext // $ operation: DECODE indicates decryption, others indicate encryption // $ key: key // $ expiry: ciphertext validity period function authcode ($ string, $ operation = 'Decode', $ key = '', $ expiry = 0) {// dynamic key length, the same plaintext will generate different ciphertext based on the dynamic key $ ckey_length = 4; // key $ key = md5 ($ key? $ Key: $ GLOBALS ['discuz _ auth_key ']); // key a Participates in encryption and decryption $ keya = md5 (substr ($ key, 0, 16 )); // key B is used for data integrity verification $ keyb = md5 (substr ($ key, 16, 16 )); // key c is used to change the generated ciphertext $ keyc = $ ckey_length? ($ Operation = 'decode '? Substr ($ string, 0, $ ckey_length): substr (md5 (microtime (),-$ ckey_length )):''; // calculate the key $ cryptkey = $ keya. md5 ($ keya. $ keyc); $ key_length = strlen ($ cryptkey); // plaintext. the first 10 digits are used to save the timestamp. data validity is verified during decryption, 10 to 26 bits are used to save $ keyb (key B). during decryption, the key will be used to verify data integrity. // if the key is decoded, it will start from the $ ckey_length bit, because the $ ckey_length bit before the ciphertext stores the dynamic key to ensure correct decryption $ string = $ operation = 'decode '? Base64_decode (substr ($ string, $ ckey_length): sprintf ('% 010d', $ expiry? $ Expiry + time (): 0 ). substr (md5 ($ string. $ keyb), 0, 16 ). $ string; $ string_length = strlen ($ string); $ result = ''; $ box = range (0,255); $ rndkey = array (); // Generate a key book for ($ I = 0; $ I <= 255; $ I ++) {$ rndkey [$ I] = ord ($ cryptkey [$ I % $ key_length]);} // use a fixed algorithm to disrupt the key book and increase randomness. it seems complicated, in fact, the ciphertext strength is not added for ($ j = $ I = 0; $ I <256; $ I ++) {$ j = ($ j + $ box [$ I] + $ rndkey [$ I]) % 256; $ tmp = $ box [$ I]; $ box [$ I] = $ box [$ j]; $ box [$ j] = $ tmp ;} // core encryption and decryption part for ($ a = $ j = $ I = 0; $ I <$ string_length; $ I ++) {$ a = ($ a + 1) % 256; $ j = ($ j + $ box [$ a]) % 256; $ tmp = $ box [$ a]; $ box [$ a] = $ box [$ j]; $ box [$ j] = $ tmp; // The Keys obtained from the key book are different or, then convert it into a character $ result. = chr (ord ($ string [$ I]) ^ ($ box [($ box [$ a] + $ box [$ j]) % 256]);} if ($ operation = 'decode') {// substr ($ result, 0, 10) = 0 verify the data validity // substr ($ result, 0, 10) -time ()> 0 verify data validity // substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26 ). $ keyb), 0, 16) verify data integrity // verify data validity. please refer to the unencrypted plaintext format if (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0) & substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26 ). $ keyb), 0, 16) {return substr ($ result, 26) ;}else {return '';}} else {// Save the dynamic key in the ciphertext, this is also the reason why different ciphertext texts can be decrypted in the same plain text. // because the encrypted ciphertext may be special characters, the replication process may be lost, therefore, return $ keyc is encoded in base64 format. str_replace ('=', '', base64_encode ($ result ));}} Address: http://www.codetc.com/article-73-1.html |