Jump to content

MCRYPT & Session Problem

php_king

By php_king
in PHP Coding Help

 Share

Recommended Posts

php_king Newbie

php_king

Posted
Posted

Hello all,

 

I have a slight problem with my coding on a login script. The login script basically encrypts the users username, password and ID in a cookie with this function:

function encrypt($text){

        return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SALT, $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));

    }

and then when I try to retrieve the same value after setting with this function:

function decrypt($text)

    {

        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SALT, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));

    }

It first gives me this output:

t¨‘žÃŽ^kè¦Ü=yà¸ìŸ2Œ£· _¢Ó

 

But when I refresh the page, it gives me the correct output that I wanted.

 

From the looks of it, it looks like it's compressed. I cannot find anything on google about it and I feel lost as to what to do. Help me plz :D

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

There is no reason to store that information in a cookie.

 

In any event, you say that the correct value is displayed after you refresh the page. If you are trying to set the cookie AND retrieve it on the same page load that is your problem. When you set a value in a cookie, you cannot retrieve it until the next page load.

 

http://php.net/manual/en/function.setcookie.php

Common Pitfalls:

Cookies will not become visible until the next loading of a page that the cookie should be visible for. To test if a cookie was successfully set, check for the cookie on a next loading page before the cookie expires. Expire time is set via the expire parameter. A nice way to debug the existence of cookies is by simply calling print_r($_COOKIE);

 

If that is your problem then there really is no problem. There is no reason to unencrypt the value you just encrypted since you have the original value in that same instance of that script.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.