堆栈内存溢出
  简体   繁体   English

无法使用 PHP 中的 openssl_decrypt 和 AES 解密 email 地址

[英]Unable to decrypt email address using openssl_decrypt & AES in PHP

 原文  2022-08-25 10:46:50       php/ encryption/ aes

问题描述

I'm trying to create an unsubscribe link for my email marketing system.我正在尝试为我的 email 营销系统创建一个取消订阅链接。 In the email I created an unsubscribe button and after it's clicked I'm trying to pass the email address and table id via the URL, with encryption like below:在 email 中,我创建了一个取消订阅按钮,单击它后,我试图通过 URL 传递 email 地址和表 ID,如下所示:

<?php 

$email_id = '123456';
$addto = 'test@gmail.com';

$email_id= openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto= openssl_encrypt("$addto", "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

 ?>

after click button url is like点击按钮 url 后就像

https://sub.example.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg==

unsbscribe.php: unsbscribe.php:

<?php

$eid    = $_GET['id'];
$eaddr  = $_GET['eadd'];

$eid    = openssl_decrypt($eid, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$eaddr  = openssl_decrypt($eaddr, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

?>
<p>Your Email Address is <address><?php echo $eaddr; ?></address></p>
<p>Your Id is: <?php echo $eid; ?></p>

Please check this link of my real project which will output $_get Data and unencrypted data also https://ems.vozcodex.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg== Please check this link of my real project which will output $_get Data and unencrypted data also https://ems.vozcodex.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg==

Using使用

var_dump($_GET);
Result: array(2) { ["id"]=> string(24) "bK2XGnJms0rzPuQOpvauGw==" ["eadd"]=> string(24) "WoN/K2t4xjKb057c EIhg==" }

I'm only able to decrypt the table id - which is '123456', but not the email address.我只能解密表 id - '123456',但不能解密 email 地址。 I tried various openssl_decrypt methods but am unable to decrypt the email address.我尝试了各种openssl_decrypt方法,但无法解密 email 地址。 email address always comes empty. email 地址总是为空。

Can you please help to point out the issue.你能帮忙指出问题吗。 I am using PHP 7.4 (ea-php74).我正在使用 PHP 7.4 (ea-php74)。

1 个解决方案

解决方案1
 2 已采纳  2022-08-25 12:40:57

It seems encoding of the + signs went wrong. +符号的编码似乎出错了。 Try url-encoding the encrypted values properly when generating the URL for the email, as suggested by Topaco in the comments.正如 Topaco 在评论中所建议的那样,在为 email 生成 URL 时,尝试正确地对加密值进行 url 编码。 + (and several other characters) has a special meaning in URLs. + (和其他几个字符)在 URL 中具有特殊含义。

eg something like:例如:

$email_id = openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto = openssl_encrypt($addto, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

$url = "https://sub.example.com/unsbscribe.php?id=".urlencode($email_id)."&eadd=".urlencode($encto);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP aes-128-gcm openssl_decrypt 仅在使用 openssl_encrypt 后有效 - PHP aes-128-gcm openssl_decrypt only works after using openssl_encrypt openssl_decrypt PHP 到 CryptoJS - openssl_decrypt PHP to CryptoJS openssl_decrypt 解密失败[PHP] - openssl_decrypt fails to decrypt[PHP] 尝试使用PHP的OpenSSL_encrypt / OpenSSL_decrypt加密/解密数据 - Tyring to encrypt/decrypt data using PHP's OpenSSL_encrypt/OpenSSL_decrypt 在webcrypt中加密aes-cbc在php中使用openssl_decrypt解密aes-256-cbc - Encrypting aes-cbc in webcrypto decrypting aes-256-cbc with openssl_decrypt in php PHP openssl_encrypt 和 openssl_decrypt aes-256-gcm 在 function 中不起作用 - PHP openssl_encrypt and openssl_decrypt aes-256-gcm not work if inside function openssl_decrypt的问题 - Problems with openssl_decrypt PHP-&#39;openssl_decrypt&#39;函数期望什么? - PHP - What is expected by 'openssl_decrypt' function? 如何使 openssl_decrypt 在 php 5 中工作 - How to make openssl_decrypt working in php 5 如何使用 openssl_decrypt 解密加密字符串 - How to decrypt an encrypted string using openssl_decrypt
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM