[英]Unable to decrypt email address using openssl_decrypt & AES in PHP
I'm trying to create an unsubscribe link for my email marketing system.我正在尝试为我的 email 营销系统创建一个取消订阅链接。 In the email I created an unsubscribe button and after it's clicked I'm trying to pass the email address and table id via the URL, with encryption like below:
在 email 中,我创建了一个取消订阅按钮,单击它后,我试图通过 URL 传递 email 地址和表 ID,如下所示:
<?php
$email_id = '123456';
$addto = 'test@gmail.com';
$email_id= openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto= openssl_encrypt("$addto", "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
?>
after click button url is like点击按钮 url 后就像
https://sub.example.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg==
unsbscribe.php: unsbscribe.php:
<?php
$eid = $_GET['id'];
$eaddr = $_GET['eadd'];
$eid = openssl_decrypt($eid, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$eaddr = openssl_decrypt($eaddr, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
?>
<p>Your Email Address is <address><?php echo $eaddr; ?></address></p>
<p>Your Id is: <?php echo $eid; ?></p>
Please check this link of my real project which will output $_get Data and unencrypted data also https://ems.vozcodex.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg== Please check this link of my real project which will output $_get Data and unencrypted data also https://ems.vozcodex.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c++EIhg==
Using使用
var_dump($_GET);
Result: array(2) { ["id"]=> string(24) "bK2XGnJms0rzPuQOpvauGw==" ["eadd"]=> string(24) "WoN/K2t4xjKb057c EIhg==" }
I'm only able to decrypt the table id - which is '123456', but not the email address.我只能解密表 id - '123456',但不能解密 email 地址。 I tried various
openssl_decrypt
methods but am unable to decrypt the email address.我尝试了各种
openssl_decrypt
方法,但无法解密 email 地址。 email address always comes empty. email 地址总是为空。
Can you please help to point out the issue.你能帮忙指出问题吗。 I am using PHP 7.4 (ea-php74).
我正在使用 PHP 7.4 (ea-php74)。
It seems encoding of the +
signs went wrong. +
符号的编码似乎出错了。 Try url-encoding the encrypted values properly when generating the URL for the email, as suggested by Topaco in the comments.正如 Topaco 在评论中所建议的那样,在为 email 生成 URL 时,尝试正确地对加密值进行 url 编码。
+
(and several other characters) has a special meaning in URLs. +
(和其他几个字符)在 URL 中具有特殊含义。
eg something like:例如:
$email_id = openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto = openssl_encrypt($addto, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$url = "https://sub.example.com/unsbscribe.php?id=".urlencode($email_id)."&eadd=".urlencode($encto);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.