PHP encryption and Practical application

PHP encryption and actual application data encryption can be simply understood as: plaintext (file or data) --> algorithm processing --> unreadable ciphertext, so as to achieve the encryption effect. Several encryption methods in php

Md5 encryption algorithm

Crypt algorithm

Sha1 encryption algorithm

URL encoding

Base64 encoding

Among them, md5, crypt, and sha1 are all unidirectional encryption algorithms (hash calculation is performed on information of different lengths to get output with fixed lengths. this process is unidirectional, you cannot obtain the input information by calculating the output with a fixed length ).

Md5 () encryption algorithm

String md5 (string $ str [, bool $ raw_output = false])
Returns the hash value in hexadecimal format.
If the optional raw_output is set to TRUE, the MD5 message digest is returned in the original 16-bit binary format.

    header("Content-type:text/html;charset=utf-8");    $name = "yuesir";    echo md5($name);    echo "
 ";    echo md5($name, true);

e217951255a1f0b2c9d8fea477af795e??U???????w?y^

Crypt () encryption algorithm

String crypt (string $ str [, string $ salt])
$ Salt is an encrypted interference code that makes the encoding safer. an optional salt value string. If not provided, the algorithm behavior will be determined by different algorithms and may lead to unpredictable results.
Crypt () returns a hash string based on the standard unix des algorithm or other alternative algorithms available on the system.
If no salt value is provided, PHP automatically generates a salt value of 2 characters (DES) or 12 characters (MD5 ).

Note:

If $ salt is not added to the encryption, an interference code is randomly generated. Otherwise, the encrypted ciphertext will not be refreshed.

    header("Content-type:text/html;charset=utf-8");    $name = "yuesir";    echo crypt($name);    echo "
 ";    echo crypt($name, 'hello');

    $1$BG2.0N3.$zysIbnXYFkPyqr9g8XFo/1    heS64YGnAn6Wc

** $1 $ BG2.0N3. $ ** indicates the hash value feature generated by CRYPT_MD5 starting with $1 $ and ending with $. there are no more than 8 random characters in it, and $ is followed by the ciphertext body.

Sha1 () encryption algorithm

String sha1 (string $ str [, bool $ raw_output = false])
If the optional raw_output parameter is set to TRUE, the sha1 digest is returned in the original format of 20 characters; otherwise, the return value is a hexadecimal number of 40 characters.

    header("Content-type:text/html;charset=utf-8");    $name = "yuesir";    echo sha1($name);    echo "
 ";    echo sha1($name, 'hello');

    1b15630e04990268e3f64c32a119417642fb98d0    c?h??L2?AvB???

It is similar to md5 (), but the returned string is longer (40 bits). because the algorithm on which this function depends is not complex enough, it is not recommended to use this function to encrypt the plaintext password.

URL encoding technology

String urlencode (string $ str)
Returns a string -_. all other non-alphanumeric characters will be replaced with a semicolon (%) followed by two hexadecimal numbers, and spaces will be encoded as the plus sign (+)

Header ("Content-type: text/html; charset = utf-8"); $ url = "http://yufu.me? Q = hello world + hello & username = & "; echo urlencode ($ url )."
"; Echo" click me ";

Http % 3A % 2F % 2Fyufu. me % 3Fq % 3 Dhello + world + % 2B + % E4 % BD % A0 % E5 % A5 % BD % 26 username % 3D % 26amp point me

Urldecode

String urldecode (string $ str)
Decodes the encoded URL string and decodes any % # in the encoded string ##. Returns the decoded string.

Header ("Content-type: text/html; charset = utf-8"); $ url = "http://yufu.me? Q = hello world + hello & username = & "; echo urlencode ($ url )."
 "; Echo urldecode (" http % 3A % 2F % 2Fyufu. me % 3Fq % 3 Dhello + world + % 2B + % E4 % BD % A0 % E5 % A5 % BD % 26 username % 3D % 26amp "); ---------- http % 3A % 2F % 2Fyufu. me % 3Fq % 3 Dhello + world + % 2B + % E4 % BD % A0 % E5 % A5 % BD % 26 username % 3D % 26 amphttp: // yufu. me? Q = hello world + hello & username = &

Note that the username value is parsed by the browser &
Solution:

A simple solution is to use & replace & as the separator. You do not need to modify the PHP arg_separator. Make it still &, and use only htmlentities () or htmlspecialchars () to encode your URL.

Base64 encryption technology

String base64_encode (string $ data)
MIME base64 is used to encode data so that binary data can be transmitted through a non-pure 8-bit transport layer, such as the subject of an email; base64-encoded data occupies about 33% more space than raw data

Base64_decode
String base64_decode (string $ encoded_data)
Decodes MIME base64 encoded data and returns the original data. otherwise, FALSE is returned. The returned data may be binary.

    $img_path = 'image/1_meitu_1.jpg';    $data = file_get_contents($img_path);    echo base64_encode($data);    echo "";