0

Passing 1000 of array variables through url and getting it back in another page.how can i encrypt url which is dynamically creating and de crypt back to original stage for further querying. my url is look like this :

http://example.com/abc/abc1.php?808=880&807=879&806=878&805=877&804=876&803=875&802=872&801=871&800=869&799=868&798=867&797=866&796=865&795=864&794=863&793=862&792=861&791=860&790=859&789=858&788=857&787=856&786=855&785=854&784=853&783=852&782=850&781=849&780=848&779=847&778=846&777=845&776=844&775=843&774=842&773=841&772=840

Code:

$rfinalarray = array_intersect($rarray1, $rarray2, $rarray3, $rarray4, $rarray5, $rarray6, $rarray7, $rarray8, $rarray9, $rarray10, $rarray12, $rarray13, $rarray14, $rarray15, $rarray16, $rarray17);
if (count($rfinalarray) > 0) {
    $arrayr = array_values($rfinalarray);
    arsort($arrayr);
    $ab = http_build_query($arrayr);

    header("HTTP/1.1 301 Moved Permanently");
    header("Location: http://example.com/abc.php?$ab");
} else {
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: http://example.com/abc.php?search=noresult");
    unset($_SESSION['reals']);
}
Thamilhan
  • 13,040
  • 5
  • 37
  • 59
Alley
  • 17
  • 1
  • 1
  • 4
  • 2
    Have HTTPS do it for you. – JRD Oct 26 '15 at 05:35
  • 2
    Use post instead. Not a good approach. – akashBhardwaj Oct 26 '15 at 05:35
  • There's a limit to how many characters you can have in a URL bar. If you have `"1000 of array variables"`, then you'll be losing some through the redirect. – Darren Oct 26 '15 at 05:37
  • I wonder what sort of problem might couse you to send array with length of 1000 using any request method. Maybe you are approaching it from wrong angle, such solutions most often backfire. – xReprisal Oct 26 '15 at 05:39
  • Post?To pass data to another page....?Actually am trying to change the code that some one written.They pass the search result stored in array through url.here when data is too much its going to internal server error.So please suggest me the way to this search efficiently – Alley Oct 26 '15 at 05:41

2 Answers2

1

This is not good approach using GET, use POST instead. But for you information, try with this:

<?php
function encrypt_url($string) {
  $key = "MAL_979805"; //key to encrypt and decrypts.
  $result = '';
  $test = "";
   for($i=0; $i<strlen($string); $i++) {
     $char = substr($string, $i, 1);
     $keychar = substr($key, ($i % strlen($key))-1, 1);
     $char = chr(ord($char)+ord($keychar));

     $test[$char]= ord($char)+ord($keychar);
     $result.=$char;
   }

   return urlencode(base64_encode($result));
}

function decrypt_url($string) {
    $key = "MAL_979805"; //key to encrypt and decrypts.
    $result = '';
    $string = base64_decode(urldecode($string));
   for($i=0; $i<strlen($string); $i++) {
     $char = substr($string, $i, 1);
     $keychar = substr($key, ($i % strlen($key))-1, 1);
     $char = chr(ord($char)-ord($keychar));
     $result.=$char;
   }
   return $result;
}
?>

Took from here

Thamilhan
  • 13,040
  • 5
  • 37
  • 59
  • 1
    A Caesar cipher is not very secure. It's better to use some modern ciphers like AES through `openssl_encrypt` or libsodium. – Artjom B. Oct 26 '15 at 06:53
0

Updated approach saving data in hidden form and submitting the form on dom ready, onthe contrary the form could be submitted on an event too.

At ab.php

$array = serialize($ab);
<form action="ac.php" method="post" id="test">
     <textarea name="array" style="display:none;">
          <?php echo $array;?>
     </textarea>
</form>

Using jquery at ab.php :

$(document).ready(function(){
    $('form#test').submit();
});

@ ac.php you can get it via $_POST Hope that helps

akashBhardwaj
  • 159
  • 1
  • 13
  • Hi akash... $.ajax({ url: "abc/ab.php", // script to handle the post data type : "POST", data : "mypostdata=", success : function(response){ // json encoded response to show success if(response.success == true) { window.location = "http://example.com/ad/abc/ac.php"; } } }); i want to display the result in ac.php.So is this correct.Doesn't work for me – Alley Oct 26 '15 at 06:26
  • Encoding/serialization is no encryption. – Artjom B. Oct 26 '15 at 06:52
  • http://pastebin.com/emmnL74R Please see my query and tell me where am wrong... – Alley Oct 26 '15 at 07:15
  • Can i use session to get this array? – Alley Oct 26 '15 at 07:21
  • @ArtjomB. am **NOT** encoding the url data it's another approach please read the description – akashBhardwaj Oct 26 '15 at 12:56
  • You're hiding the data in the POST body through the use of PHP's serialize which serializes an array into a string. It's a form of encoding and has nothing to do with encryption. Furthermore, this is wrong, because the serialize result may contain binary data which may break the representation in JavaScript and may send wrong values. – Artjom B. Oct 26 '15 at 13:06
  • @ArtjomB. I think you get the overall idea wrong. My point was to **NOT ENCODE** anything at all, because encoded url data **just** to get data just feels wrong, what alley is looking for is just to submit data from one page ab.php to page ac.php, but he is doing it via GET which is wrong. **There was no mention of binary data anywhere** not even the example posted in the question. Make sense ? – akashBhardwaj Oct 26 '15 at 13:13
  • @Alley I have updated my answer to more simpler approach. Hope that helps. – akashBhardwaj Oct 26 '15 at 13:14
  • Thank you akashBhardwaj...Thanks for your effort and time. – Alley Oct 27 '15 at 04:08
  • @Alley Most welcome. Does that help ? – akashBhardwaj Oct 27 '15 at 05:22
  • I didn't try it.I use session to store that variable like $_SESSION['reals']=$ab; and call the session in next page.This is working for me.Is this having any drawbacks? I will try your code and acknowledge you and most thankful to you for helping me. – Alley Oct 27 '15 at 10:51