当我将带有表单的加密变量“$ variable_package”传递给我时,我的数据传递给page2.php并且去掉了一段时间。
page1.php中
function encrypString($plaintext) {
$key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");//change this
$key_size = strlen($key);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_CBC, $iv);
$ciphertext = $iv . $ciphertext;
$ciphertext_base64 = base64_encode($ciphertext);
return rawurlencode($ciphertext_base64);//important rawurlencode for + symbol in url
}
$variable_package_create = 'record_id=' . $record_id .
'&rate=' . $rate .
'&cart_owner=' . $cart_owner .
'&shop_name=' . $p_shop_name .
'&items_in_cart=' . $items_in_cart .
'&p_weight=' . $p_weight .
'&p_length=' . $p_length .
'&p_width=' . $p_width .
'&p_height=' . $p_height .
'&longitude=' . $longitude .
'&latitude=' . $latitude .
'&category_input=' . $category_input .
'&qr_shop_name=' . $p_shop_name .
'&end&previous_records=' . $previous_records .
'&end3 &end&next_records=' . $next_records .
'&end2';
$variable_package = encrypString($variable_package_create);
echo '
<form action="page2.php?variable_package=' . $variable_package . '" method="post">';
?>
<button type="submit" >Purchase</button>
</form>
使page2.php
所以page2.php de-crypts和echo是$ variable包的加密和DE加密版本。
variable_package = Puuyg7dRNPeIBP7YXX3Wvybz8yoL / he3nnI44gUWEqQoDNlveW0kXLX5qAeFYua3LyaWlogHLGAW34cYpeooyrDYNJYZkBqK8pX1bF41wW / OoxueXzxj5vJTEHHKI9lNLWLIS16OvzHSVh92rHNt + 1LP / 8YW77YConBkJ + cc1lT6wXcHKnGeJp0fzPP + uX5rKyXCQspPZpyOmGRf3PGP7DfKj35InoUn + hmix89SwVmuOQG918dmSePWmGa55N8AKvZRlL + pxLkazMaKAZEEEHa9usVqez9xhdcmSCyDGPu2joV46nxn + MaWJMuagkBxMAOYTi4PgcBtE4LrxTH4 + zctfSu53OwieyyCsRikIu14L3A / 3OLgIL / VK2p5 / JwM2yQ7yM8BlkNu5 + Alwml4Zg ==
variable_package_decode = record_id = 4&amp; rate = .089&amp; cart_owner = 198.143.34.97&amp; shop_name = Lillys Flower Shop DEMO&amp; items_in_cart =&amp; p_weight =&amp; p_length =&amp; p_width =&amp; p_height =&amp; longitude = -117.1561301&amp; latitude = 47.6485811&amp; category_input =&amp; qr_shop_name = Lillys Flower Shop DEMO&amp; end&amp; previous_records = 1&amp; end3&amp; end&amp; next_records =&amp; end2
然后第2页使用ajax脚本将$ variable_package发送到page3.php
使page2.php
function decryptString($ciphertext_base64) {
$key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");//change this
$key_size = strlen($key);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
$ciphertext_dec = base64_decode($ciphertext_base64);
$iv_dec = substr($ciphertext_dec, 0, $iv_size);
$ciphertext_dec = substr($ciphertext_dec, $iv_size);
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
return rawurldecode($plaintext_dec);
}
$variable_package = isset($_REQUEST['variable_package']) ? $_REQUEST['variable_package'] : "";
echo '<br><br><br><br><br>variable_package =' . $variable_package;
if(strlen($variable_package) > 4) {
$variable_package_decode= decryptString($variable_package);
echo '<br>variable_package_decode =' . $variable_package_decode;
}
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script>
$(document).ready(function(){
if(navigator.geolocation){
navigator.geolocation.getCurrentPosition(showLocation);
}else{
$('#location').html('Geolocation is not supported by this browser.');
}
});
function showLocation(position){
var variable_package = "<?php echo $variable_package ?>";
$.ajax({
type:'POST',
url:'page3.php?',
data:'variable_package='+variable_package,
success:function(msg){
if(msg){
$("#location").html(msg);
}else{
$("#location").html('Not Available');
}
}
});
}
</script>
page3.php
function decryptString($ciphertext_base64) {
# --- DECRYPTION ---
$key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");//change this
$key_size = strlen($key);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
$ciphertext_dec = base64_decode($ciphertext_base64);
$iv_dec = substr($ciphertext_dec, 0, $iv_size);
$ciphertext_dec = substr($ciphertext_dec, $iv_size);
$plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
return rawurldecode($plaintext_dec);
}
$variable_package = isset($_REQUEST['variable_package']) ? $_REQUEST['variable_package'] : "";
echo '<br><br><br><br><br>variable_package =' . $variable_package;
if(strlen($variable_package) > 4) {
$variable_package_decode= decryptString($variable_package);
echo '<br><br><br><br><br>page3.php';
echo '<br>variable_package_decode =' . $variable_package_decode;
}
现在page3.php echo是$ variable包的加密版本,它看起来与page2.php上的回显相同。在我解密之前,这似乎很好。 DE加密的字符串包含所有那些有趣的字符。我的数据似乎已损坏或未正确加密。
variable_package = Puuyg7dRNPeIBP7YXX3Wvybz8yoL / he3nnI44gUWEqQoDNlveW0kXLX5qAeFYua3LyaWlogHLGAW34cYpeooyrDYNJYZkBqK8pX1bF41wW / OoxueXzxj5vJTEHHKI9lNLWLIS16OvzHSVh92rHNt 1LP / 8YW77YConBkJ cc1lT6wXcHKnGeJp0fzPP uX5rKyXCQspPZpyOmGRf3PGP7DfKj35InoUn hmix89SwVmuOQG918dmSePWmGa55N8AKvZRlL pxLkazMaKAZEEEHa9usVqez9xhdcmSCyDGPu2joV46nxn MaWJMuagkBxMAOYTi4PgcBtE4LrxTH4 zctfSu53OwieyyCsRikIu14L3A / 3OLgIL / VK2p5 / JwM2yQ7yM8BlkNu5 Alwml4Zg ==
variable_package_decode = record_id = 4&amp; rate = .089&amp; cart_owner = 198.143.34.97&amp; shop_name = Lillys FlowerShopDEMO R, [ I &amp;oH fjJ 3 c81JW:!3个T R * U = AOIR%L4V TGќ8`(S; W7 [X0-rwKs'的百分比抑制率@ \ ” b j= +D y + ( t4 p 0= 7s 萣9- +p x߭ q ̘ ̘ T < / p>
如您所见,我的一些数据是DE-crypting,例如record_id,cart_owner和shop_name。其余的都是胡言乱语,任何帮助都会非常感激