0

I'm working on a project, where in that project I do base 64 encryption with the btoa () function from javascript then decrypt it using base64_encode () from php, in other files there is no problem but in this file the decryption function cannot decrypt it properly full
this is the code

$enc = isset($_GET['g'])?$_GET['g']:'';
$dec = base64_decode($enc);

the text : a||<p>b</p>||c||t||u||v||d||e|f|g|h|i||j||k|l|m|n||o||p|q|r|s
encrypted text : YXx8PHA+YjwvcD58fGN8fHR8fHV8fHZ8fGR8fGV8ZnxnfGh8aXx8anx8a3xsfG18bnx8b3x8cHxxfHJ8cw==
the output after decript : a||<p> b </p>

Fariz Budianto
  • 23
  • 1
  • 5
  • 1
    Have a read of [this](https://stackoverflow.com/q/1374753/2518525), or [this](https://stackoverflow.com/q/11206259/2518525) – Darren Aug 26 '20 at 04:52
  • How did you form your GET parameter `'g'`? Did you used [encodeURIComponent()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent) on it? – Koala Yeung Aug 26 '20 at 05:03
  • just the normal paramter like var link = btoa("the link that i want to encrypt"); and then just location.href= "somelink?g="+link; – Fariz Budianto Aug 26 '20 at 06:33

1 Answers1

1

I've tried the following code to test out. There are at least 2 methods to properly pass btoa result to PHP:

<?php

$enc = $_GET['g'] ?? '';

?>

<button type="button">Run</button>
<script>

document.querySelector('button[type=button]').addEventListener('click', function () {
        let str = 'a||<p>b</p>||c||t||u||v||d||e|f|g|h|i||j||k|l|m|n||o||p|q|r|s';

        // Method 1: encodeURIComponent
        window.location.href = '?g=' + encodeURIComponent(btoa(str));

        // Method 2: URLSearchParams
        window.location.href = '?' + (new URLSearchParams({'g': btoa(str)}).toString());
});

</script>

<?php if (!empty($enc)): ?>
        Result: <?=htmlspecialchars(base64_decode($enc))?>
<?php endif; ?>
Koala Yeung
  • 7,475
  • 3
  • 30
  • 50