Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Encyrpted URL

Options
  • 30-06-2008 1:32pm
    #1
    corblimey
    Registered Users Posts: 4,475 ✭✭✭


    I have an fairly simple ecryption routine written in PHP that does, at its hear string replacement (there's more to it than that, but this is the basic). I encrypt certain IDs and send them out as URLs in emails, etc. I originally had all the keyboard characters in my buffer for replacement, but after 2 hours of debugging last night, I determined that a backslash in the resulting encypted value was being escaped and couldn't then be decrypted correctly.

    I was just wondering, since I stumbled on this backslash thing, are there any other characters I should be wary of having in URLs. I'm sure this question has been asked and answered many times, but my google-fu is letting me down.


Comments

  • Options
    #2
    matrim
    Registered Users Posts: 7,518 ✭✭✭matrim


    There's an RFC that specifics this. I think it's 1738 but google should confirm. Also check the HTTP specification which should give the full list of escaped characters (or at least point to the RFC for it).

    From the top of my head things like # ' " should also be considered.


  • Options
    #3
    daymobrew
    Registered Users Posts: 6,509 ✭✭✭daymobrew


    Could base64_encode help you out? Encrypt the data and then base_64_encode it.


  • Options
    #4
    corblimey
    Registered Users Posts: 4,475 ✭✭✭corblimey


    daymobrew wrote: »
    Could base64_encode help you out? Encrypt the data and then base_64_encode it.

    I'm not sure base64 is necessary - it's just a simple text URL, but I guess I should spend a little more time researching it - I was just hoping to remove 'special' characters from my encryption list and make the fix as simple as possible.


  • Options
    #5
    daymobrew
    Registered Users Posts: 6,509 ✭✭✭daymobrew


    corblimey wrote: »
    I'm not sure base64 is necessary - it's just a simple text URL, but I guess I should spend a little more time researching it - I was just hoping to remove 'special' characters from my encryption list and make the fix as simple as possible.
    I suggested the base64 as a way of converting special chars to ordinary chars.


  • Options
    #6
    Bluefrog
    Registered Users Posts: 1,045 ✭✭✭Bluefrog


    Doesn't get much simpler than base64_encode/decode.


  • Advertisement
  • Options
    #7
    corblimey
    Registered Users Posts: 4,475 ✭✭✭corblimey


    daymobrew wrote: »
    I suggested the base64 as a way of converting special chars to ordinary chars.
    So are you saying to use base64 to encode my string rather than my own encryption code? Or use base64 to encode my encrypted string?


  • Options
    #8
    daymobrew
    Registered Users Posts: 6,509 ✭✭✭daymobrew


    corblimey wrote: »
    So are you saying to use base64 to encode my string rather than my own encryption code? Or use base64 to encode my encrypted string?
    The latter - base64 *after* encryption.


  • Options
    #9
    Zombrex
    Closed Accounts Posts: 25,848 ✭✭✭✭Zombrex


    Just a note, normal base64 can be URL unsafe.

    There is a slightly different version called Modified base64 for URL that uses slightly different characters (for example "%" is replaced with "*" as far as I know) that provide a more robust system for passing data in URLs.

    Custom functions in PHP can be easily set up to provide a URL safe version of base64 encoding.

    Just something to be aware of

    http://ie.php.net/manual/en/function.base64-encode.php#63543
    http://ie.php.net/manual/en/function.base64-encode.php#81383


Advertisement