Yii Framework Forum: Url Management -Edit Id Encrytion In Cgridview - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Url Management -Edit Id Encrytion In Cgridview Edit/View id encrytion in cgridview Rate Topic: *---- 1 Votes

#1 User is offline   dhanakumar 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 25
  • Joined: 26-December 12
  • Location:Coimbatore,Tamilnadu

  Posted 26 April 2013 - 01:44 AM

In framework file : CButtonColumn.php
1. change the updateButtonUrl variable,
public $updateButtonUrl='Yii::app()->controller->createUrl("update",array("id"=>base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5("testKey"), $data->primaryKey, MCRYPT_MODE_CBC, md5(md5("testKey"))))))';

2. Use the public function actionUpdate($id)
{

$id =rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5("testKey"), base64_decode($id), MCRYPT_MODE_CBC, md5(md5("testKey"))), "\0");
echo $id;exit;
-
Dhana.M
0

#2 User is offline   lubosdz 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 115
  • Joined: 25-July 10
  • Location:Slovakia, Bratislava

Posted 26 April 2013 - 04:03 AM

looks like you are going to kill a fly with a big hammer:-)
you could use performance-wiser 2-way algoritm to disguise submitted id, such as

idEncoded = base64_encode(str_rot13(id));
idDecoded = base64_decode(str_rot13(idEncoded));

or a simple character substitution...

Since ID as primary key is very short,it can be easily broken down within few seconds with brutal force guess.
Using str_rot13 (or character substitution) is roughly 130x faster
(cca 0.524 secs agains 0.003 secs for 1000 loops)

Cheers
Lubos
Yii extension: Captcha Extended

Greatest discoveries in 22nd century will be about the gravitation. | http://www.synet.sk | http://ipdf.sk
1

#3 User is offline   dhanakumar 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 25
  • Joined: 26-December 12
  • Location:Coimbatore,Tamilnadu

  Posted 26 April 2013 - 11:39 PM

Hi,

i have try to below code .. but cannot decrypt..



View Postlubosdz, on 26 April 2013 - 04:03 AM, said:

looks like you are going to kill a fly with a big hammer:-)
you could use performance-wiser 2-way algoritm to disguise submitted id, such as

idEncoded = base64_encode(str_rot13(id));
idDecoded = base64_decode(str_rot13(idEncoded));

or a simple character substitution...

Since ID as primary key is very short,it can be easily broken down within few seconds with brutal force guess.
Using str_rot13 (or character substitution) is roughly 130x faster
(cca 0.524 secs agains 0.003 secs for 1000 loops)

Cheers
Lubos

-
Dhana.M
0

#4 User is offline   Dineshkumar 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 19
  • Joined: 26-April 13
  • Location:Coimbatore

Posted 27 April 2013 - 04:29 AM

Hi all,

i am also using the encryption.. but it doesn't work properly
With Lots of Love,
Dinesh
0

#5 User is offline   le_top 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 317
  • Joined: 08-June 10
  • Location:France

Posted 27 April 2013 - 08:44 AM

idDecoded = str_rot13(base64_decode(idEncoded));
is surely better.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users