-1

so I already managed how to decode and encode, this is done via 2 functions. So here is the example

http://goldextra.com/b/id_color.php

If you enter a word, it will get encoded, as shown in the result page. so if one enters = testword the url will be http://goldextra.com/b/balloony.php?name=testword

The thing is, instead I want the url to look like this http://goldextra.com/b/balloony.php?name=k484z52646w5i474 (of course the site itself should not show the encryption, but the word)

How do I have to change the code I have now, and do I have to change code in the Form site or the result site?

FORM CODE

 <form action="balloony.php" class="sign-up" method="get" class="sign-up">
<h1 class="sign-up-title">Whats the word?</h1>
<input type="text" class="sign-up-input" placeholder="Enter your baloony" name="name" autofocus>
<input type="submit" value="baloony it!" class="sign-up-button">

RESULT SITE

<?php
function encode($string,$key) {
$key = sha1($key);
$strLen = strlen($string);
$keyLen = strlen($key);
for ($i = 0; $i < $strLen; $i++) {
    $ordStr = ord(substr($string,$i,1));
    if ($j == $keyLen) { $j = 0; }
    $ordKey = ord(substr($key,$j,1));
    $j++;
    $hash .= strrev(base_convert(dechex($ordStr + $ordKey),16,36));
}
return $hash;
}

function decode($string,$key) {
$key = sha1($key);
$strLen = strlen($string);
$keyLen = strlen($key);
for ($i = 0; $i < $strLen; $i+=2) {
    $ordStr = hexdec(base_convert(strrev(substr($string,$i,2)),36,16));
    if ($j == $keyLen) { $j = 0; }
    $ordKey = ord(substr($key,$j,1));
    $j++;
    $hash .= chr($ordStr - $ordKey);
}
return $hash;
}
?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><? echo htmlspecialchars($_GET["name"]) . '!'; ?></title>
<style type="text/css">
.BIG {
    font-size: 250px;
font-weight: bold;
font-family: "Palatino Linotype", "Book Antiqua", Palatino, serif;
text-align: center;
}
</style>
</head>
<body class="BIG">


<?php
$name = htmlspecialchars($_GET['name']); 
$urlENC = encode( $name ,"whateverkey"); 
$urlDEC = decode( $urlENC ,"whateverkey"); 
echo htmlspecialchars($_GET["url"]) . '';
echo $urlENC; ?>
<br />
<? echo $urlDEC; ?>
TobiasH
  • 303
  • 2
  • 6
  • 21
  • You would need javascript to encode your values on form submit. But what is the exact purpose? If it is security, using ssl is a far better option. – jeroen Mar 13 '14 at 21:40
  • What you're trying to achieve is almost pointless, but I suppose the straightest way to do it is create a javascript function that encripts what you need :) – Kei Mar 13 '14 at 21:40
  • Ok, i want the URL contain the information that is in the form, so people can copypaste the LINK. but I dont want the people to know what is the content, just by looking at the url. @Kei how could I implement that function exactly? (as the rookie I am still...) – TobiasH Mar 13 '14 at 21:44

1 Answers1

1

So yes, you need to do it using javascript, but you can't use SHA because it will generate a hash, and you won't be able to get your data back on the server side. For my example I'll be using hex, which isn't very safe (it's very simple to decode) :

Javascript function :

function stringToHex (tmp) {
    var str = '';
    var tmp_len = tmp.length;
    var c = 0;
    for (var i=0; i < tmp_len; i++) {
        c = tmp.charCodeAt(i);
        str += c.toString(16);
    }
    return str;
}

Use this on your parameter before posting.

Now, PHP side :

function hexToStr($hex){
    $string='';
    for ($i=0; $i < strlen($hex)-1; $i+=2){
        $string .= chr(hexdec($hex[$i].$hex[$i+1]));
    }
    return $string;
}

There you go.

Loïc
  • 11,804
  • 1
  • 31
  • 49
  • By the way, I have never managed to use that code you provided in any way that would work. You think you could post the complete code for the Form and Result site? – TobiasH Oct 07 '14 at 22:16
  • You've got to be kidding dude. You asked for that question 7 months ago, and now you tell me it doesn't work? Plus you want me to do all the work?! I'm pretty sure you didn't even try. – Loïc Oct 08 '14 at 10:41
  • Well I did try, even immediatly after you posted. I just forgot to to tell you that it did not work, or at least I didnt manage... (also at that time, I didnt know this forum very well and how and when to comment) Sorry if that offended you. – TobiasH Oct 08 '14 at 10:45
  • And obviously you suddenly found my original question itself unclear/not useful, since you voted it down 7 month after you have replied to it. Anyway: I am sure you know what you were doing. Peace. – TobiasH Oct 11 '14 at 22:24