It was because of the use of Base64 that there was a problem when sending this token through the Get method.
For example: http://test/test.php?a=1+2
You use $_get["a"] to obtain is: 1 2, that is, the plus sign is gone. At first I used UrlEncode to convert it, but there were always one or two of the results that were unexpected.
Later think of the Base64 character is limited to: [a-za-z0-9\+\/=] So many, plus the problem, I will replace the plus sign with no problem, underline is the best choice. The following is the modified code:
GEncrypt.inc.php
Copy CodeThe code is as follows:
Class Gencrypt {
protected static function KeyED ($txt, $encrypt _key) {
$encrypt _key = MD5 ($encrypt _key);
$ctr = 0;
$tmp = "";
for ($i = 0; $i < strlen ($txt); $i + +) {
if ($ctr = = strlen ($encrypt _key))
$ctr = 0;
$tmp. = substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1);
$ctr + +;
}
return $tmp;
}
public static function Encrypt ($txt, $key) {
$encrypt _key = MD5 ((float) Date ("Ymdhis") + rand (10000000000000000, 99999999999999999)). Rand (100000, 999999 ) );
$ctr = 0;
$tmp = "";
for ($i = 0; $i < strlen ($txt); $i + +) {
if ($ctr = = strlen ($encrypt _key))
$ctr = 0;
$tmp. = substr ($encrypt _key, $ctr, 1). (Substr ($txt, $i, 1) ^ substr ($encrypt _key, $ctr, 1));
$ctr + +;
}
Return (Preg_replace ("/\\+/s", "_", Base64_encode (self::keyed ($tmp, $key))));
}
Base64 [a-za-z0-9\+\/=]
public static function Decrypt ($txt, $key) {
if ($txt = = "") {return false;}
Echo preg_replace ("/_/s", "+", $txt);
$txt = self::keyed (Base64_decode (Preg_replace ("/_/s", "+", $txt)), $key);
$tmp = "";
for ($i = 0; $i < strlen ($txt); $i + +) {
$MD 5 = substr ($txt, $i, 1);
$i + +;
$tmp. = (substr ($txt, $i, 1) ^ $md 5);
}
return $tmp;
}
}
?>
GToken.inc.php
Copy CodeThe code is as follows:
/**
* Principle: When requesting token assignment, find a way to assign a unique token, base64 (time + rand + action)
* If submitted, this token record, stating that token is used, can be followed by it to avoid duplication of submissions.
*
*/
Class GToken {
/**
* Get all current tokens
*
* @return Array
*/
public static function Gettokens () {
$tokens = $_session[gconfig::ssn_key_token];
if (Empty ($tokens) &&!is_array ($tokens)) {
$tokens = Array ();
}
return $tokens;
}
/**
* Generate a new token
*
* @param string $formName
* @param encryption Key $key
* @return String
*/
public static function Newtoken ($formName, $key = Gconfig::encrypt_key) {
$token = Gencrypt::encrypt ($formName. session_id (), $key);
return $token;
}
/**
* Deleting tokens is actually adding an element to an array in the session stating that the token has been used to avoid repeated data submissions.
*
* @param string $token
*/
public static function Droptoken ($token) {
$tokens = Self::gettokens ();
$tokens [] = $token;
Gsession::set (Gconfig::session_key_token, $tokens);
}
/**
* Check if the token is specified
*
* @param string $token The token value to check
* @param string $formName
* @param boolean $fromCheck whether to check for routing, or true to determine if the session_id attached to token is the same as the current session_id.
* @param string $key encryption key
* @return Boolean
*/
public static function Istoken ($token, $formName, $fromCheck = False, $key = Gconfig::encrypt_key) {
if (empty ($token)) return false;
$tokens = Self::gettokens ();
if (In_array ($token, $tokens))//If present, the description is used token
return false;
$source = Gencrypt::d ecrypt ($token, $key);
if ($fromCheck)
return $source = = $formName. session_id ();
else{
Return Strpos ($source, $formName) = = = 0;
}
}
public static function Gettokenkey ($token, $key = Gconfig::encrypt_key) {
if ($token = = NULL | | Trim ($token) = = "") return false;
$source = Gencrypt::d ecrypt ($token, $key);
return $source! = ""? Str_replace (session_id (), "", $source): false;
}
Public Function Newtokenforsmarty ($params) {
$form = null;
Extract ($params);
Return Self::newtoken ($form);
}
}
?>
http://www.bkjia.com/PHPjc/319205.html www.bkjia.com true http://www.bkjia.com/PHPjc/319205.html techarticle it was because of the use of Base64 that there was a problem when sending this token through the Get method. For example: http://test/test.php?a=1+2 you use $_get["a" to obtain is: 12, that ...
