Phpcmsv9sys_auth function encryption principle

The basic principle is to assume that the variable $ a, $ B, $ c = $ a ^ $ B (variable a is different or variable B), so we have $ a = $ B ^ $ c, $ B = $ a ^ $ c and above are applications with an exception or logic. (question: how to swap the variable $ a without using 3rd variables, what is the value of $ B ?) Back to question: After learning about the content, we... "/> <scripttype =" text/javascript "basic principle assume that the variable $ a, $ B, $ c = $ a ^ $ B (variable a is different or variable B ), therefore, we have $ a = $ B ^ $ c, $ B = $ a ^ $ c and above, which are applications of an exception or logic: how can we exchange the values of $ a and $ B without using 3rd variables ?) Regression subject: After learning about the content, we can regard variable $ a as plaintext (a string to be encrypted) and variable $ B as a key (defined by ourselves ), the variable $ c is regarded as ciphertext (sent to the client for online transmission ). Of course, the above is just the basic principle. encryption is never simply an exception or string. In order to make the algorithm more difficult to crack the sys_auth function, the key is encrypted:

$key_length = 4;  $key = md5($key);  $fixedkey = md5($key);  $egiskeys = md5(substr($fixedkey, 16, 16));  $runtokey = $key_length ? ($operation == 'ENCODE' ? substr(md5(microtime(true)), -$key_length) : substr($string, 0, $key_length)) : '';  $keys = md5(substr($runtokey, 0, 16) . substr($fixedkey, 0, 16) . substr($runtokey, 16) . substr($fixedkey, 16));  $key_length = 4;$key = md5($key);$fixedkey = md5($key);$egiskeys = md5(substr($fixedkey, 16, 16));$runtokey = $key_length ? ($operation == 'ENCODE' ? substr(md5(microtime(true)), -$key_length) : substr($string, 0, $key_length)) : '';$keys = md5(substr($runtokey, 0, 16) . substr($fixedkey, 0, 16) . substr($runtokey, 16) . substr($fixedkey, 16));

 

Some segments are also inserted into the plain text and encoded with base64.

Function sys_auth ($ string, $ operation = 'encoding', $ key = 'hi', $ expiry = 0) {$ key_length = 4; $ key = md5 ($ key ); $ fixedkey = md5 ($ key); $ egiskeys = md5 (substr ($ fixedkey, 16, 16); $ runtokey = $ key_length? ($ Operation = 'encoding '? Substr (md5 (microtime (true),-$ key_length): substr ($ string, 0, $ key_length): ''; $ keys = md5 (substr ($ runtokey, 0, 16 ). substr ($ fixedkey, 0, 16 ). substr ($ runtokey, 16 ). substr ($ fixedkey, 16); $ string = $ operation = 'encoding '? Sprintf ('% 010d', $ expiry? $ Expiry + time (): 0 ). substr (md5 ($ string. $ egiskeys), 0, 16 ). $ string: base64_decode (substr ($ string, $ key_length); // 10-bit ciphertext expiration information + 16-bit plaintext and key-generated ciphertext verification information + plaintext $ I = 0; $ result = ''; $ string_length = strlen ($ string); for ($ I = 0; $ I <$ string_length; $ I ++) {$ result. = chr (ord ($ string {$ I}) ^ ord ($ keys {$ I % 32});} if ($ operation = 'encoding ') {return $ runtokey. str_replace ('=', '', base64_encode ($ result ));} Else {if (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0) & substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26 ). $ egiskeys), 0, 16) {return substr ($ result, 26);} else {return '';}} function sys_auth ($ string, $ operation = 'encoding', $ key = 'hi', $ expiry = 0) {$ key_length = 4; $ key = md5 ($ key ); $ fixedkey = md5 ($ key); $ egiskeys = md5 (substr ($ fixedkey, 16, 16); $ runtoke Y = $ key_length? ($ Operation = 'encoding '? Substr (md5 (microtime (true),-$ key_length): substr ($ string, 0, $ key_length): ''; $ keys = md5 (substr ($ runtokey, 0, 16 ). substr ($ fixedkey, 0, 16 ). substr ($ runtokey, 16 ). substr ($ fixedkey, 16); $ string = $ operation = 'encoding '? Sprintf ('% 010d', $ expiry? $ Expiry + time (): 0 ). substr (md5 ($ string. $ egiskeys), 0, 16 ). $ string: base64_decode (substr ($ string, $ key_length); // 10-bit ciphertext expiration information + 16-bit plaintext and key-generated ciphertext verification information + plaintext $ I = 0; $ result = ''; $ string_length = strlen ($ string); for ($ I = 0; $ I <$ string_length; $ I ++) {$ result. = chr (ord ($ string {$ I}) ^ ord ($ keys {$ I % 32});} if ($ operation = 'encoding ') {return $ runtokey. str_replace ('=', '', base64_encode ($ result);} else {if (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0) & substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26 ). $ egiskeys), 0, 16) {return substr ($ result, 26);} else {return '';}}}