Encryption and Decrypion Security System 1.0

Encrypt and Decrypt values that are passed around in webid

  1. jjjason84
    Hello,

    Here is a security system that will encrypt and decrypt values that are passed around in the webid php files. You can use it to hide the real values and i use it in my script to hide the users sessions value so they would need to be decrypted and you can also use it to hide the value that are used in the address bar so it don't look like this http://domain.com/selling.php?paid=1 and would look like this http://domain.com/selling.php?paid=syeOnWBuOBk05CfWHJq/Mqw1uqf5ytztDXYswX60VuA= but there is a lot of things you can use it for. The encryption system use's 256-bit AES encryption and makes it harder to brute-force the coding to try to hack the server. You will need Mcrypt enabled on your server.

    open includes/functions_global.php
    Find

    PHP:
    ?>
    Add before
    PHP:
    class security
    {
        private 
    $private_key$iv;

        function 
    security()
        {
            
    # Private key that is used to encrypt and decrypt things
            # Change this to a different key and must be 32 characters or less
            
    $this->private_key 'ERw6W:&5$;_~WaNejtqRH*#d2(>4r%`6';
       
            
    # --- ENCRYPTION CIPHER ---
            
    $iv_size mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256MCRYPT_MODE_CBC);
            
    $this->iv mcrypt_create_iv($iv_sizeMCRYPT_RAND);
        }

        
    # Encrypt a value using AES-256.
        
    function encrypt($unencrypted_text)
        {
            return 
    trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256$this->private_key$unencrypted_textMCRYPT_MODE_ECB$this->iv)));
        }
        
    # Decrypt a value using AES-256.
        
    function decrypt($encrypted_text)
        {
            return 
    trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256$this->private_keybase64_decode($encrypted_text), MCRYPT_MODE_ECB$this->iv));
        }
    }
    Save/Close includes/functions_global.php

    Open common.php
    Find

    PHP:
    $system = new global_class();
    Add after
    PHP:
    $security = new security();
    Save/Close common.php
    Upload common.php and functions_global.php to your server


    Now to use the encryption and decryption system you would use the codes shown below.

    To encrypt use
    PHP:
    $security->encrypt(your unencrypted text here);
    and will turn to a random code like syeOnWBuOBk05CfWHJq/Mqw1uqf5ytztDXYswX60VuA=

    To decrypt use
    PHP:
    $security->decrypt(your encrypted code here);
    and will decrypt syeOnWBuOBk05CfWHJq/Mqw1uqf5ytztDXYswX60VuA= to the value that it was before it was encrypted.

    To fully use the encryption and decryption system you will need some knowledge of php.

    Example
    PHP:
    $_SESSION['WEBID_LOGGED_IN']         = $security->encrypt($user_data['id']); //test value we will use 100
    $_SESSION['WEBID_LOGGED_IN'] now will display syeOnWBuOBk05CfWHJq/Mqw1uqf5ytztDXYswX60VuA= and not 100

    PHP:
    $test $security->decrypt($_SESSION['WEBID_LOGGED_IN']);
    $test now will display 100

    If you use the encryption and decryption system make sure to change the change the key to a different key and must be 32 characters long or less.

    There is no download files and the webid forums made me pick that and all the codes are shown above.