为了防止用户查看别的用户的数据,站长们后端做鉴权,还要加密 uid今天说的就是加密uid。
鉴权 这些,例如: $_SESSION['uid'] 里,每次请求的时候判断 $_GET['uid'] == $_SESSION['uid'] 是否为真。
php加密网站uid// 設定金鑰, 負責對資料進行加解密
$key = "ac181c517bdf24ce053556bb280a2dcb";
/**
* 加密函數
*/
function encrypt($str)
{
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
return base64_encode(trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, self::$key, $str, MCRYPT_MODE_ECB, $iv)));
}
/**
* 解密函數
*/
function decrypt($str)
{
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, self::$key, base64_decode($str), MCRYPT_MODE_ECB, $iv));
}
或者是权限判断的功能,比如根据cookie识别用户.
加/解密可以用OpenSSL AES:header('Content-Type: text/plain;charset=utf-8');
$data = 'phpbest';
$key = 'oScGU3fj8m/tDCyvsbEhwI91M1FcwvQqWuFpPoDHlFk='; //echo base64_encode(openssl_random_pseudo_bytes(32));
$iv = 'w2wJCnctEG09danPPI7SxQ=='; //echo base64_encode(openssl_random_pseudo_bytes(16));
echo '内容: '.$data."\n";
$encrypted = openssl_encrypt($data, 'aes-256-cbc', base64_decode($key), OPENSSL_RAW_DATA, base64_decode($iv));
echo '加密: '.base64_encode($encrypted)."\n";
$encrypted = base64_decode('To3QFfvGJNm84KbKG1PLzA==');
$decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', base64_decode($key), OPENSSL_RAW_DATA, base64_decode($iv));
echo '解密: '.$decrypted."\n";
喜欢我,就关注我吧