PHP encrypted parameter sent by GET corrupted

Question

I am implementing a security verification of user by email. I am encrypting user email ID using base64_encode function and sending it to user email as a link.

Eg. mysite.php?token=sdjfh348+4h8hjheh+f8935ykjhfs_jkfh=938

When user clicks the link, I extract the token value and decrypts it using mcrypt_decrypt function. This should match the email in the database table.

When I am extracting the token value using $_GET['token'], I am not getting the exact value, symbols such as + in the value are missing. This leads to wrong decryption.

How to solve this issue?

`+` signs have a special meaning in URI's. Encode them. – PeeHaa Dec 22 '15 at 09:14 — PeeHaa, Dec 22 '15 at 09:14

score 0 · Answer 1 · answered Dec 22 '15 at 09:16

0

You need to URL encode GET variable if you want them to be sent correctly.

You can use the url_encode function in PHP.

answered Dec 22 '15 at 09:16

blue112

52,634
3
45
54

PHP encrypted parameter sent by GET corrupted

1 Answers1