Sending variables from one site to another using encrypted querystring
#1

[eluser]Zeff[/eluser]
Dear all,

I have to redirect a user from one website to another (also hosted by my company), sending one (or even more) variable(s) by a querystring. I want to avoid that users see this querystring in plain text, so I encrypt it (by means of the encrypt library and a shared secret key), urlencode it and redirect ([removed] '[removed]'...) to the 'receiving' site.
In the receiving CI controller/method, I urldecode the querystring, and finally decrypt it using the same CI library encrypt and the shared key (symmetric encryption).
The weird thing is: sometimes it works (the variable is decrypted), sometimes not...
Is there someone who has experience with this matter?

If I don't encrypt the variable, it works fine...

Thanks in advance for your help!

Best regards,

Zeff
#2

[eluser]gRoberts[/eluser]
This is how I would handle it:

Code:
// site a

$ToSend = array
(
  'A' => 'Something',
  'B' => 'Secret'
);
$Json = json_encode($ToSend);
$Encrypted = $this->encrypt->encode($Json, 'MySecretKey');
$Base64 = base64_encode($Encrypted);
redirect('http://www.siteb.com/controller/action/' . $Base64);

// site b

function action($Received)
{
  $ReceivedArray = json_decode(base64_decode($this->encrypt->decode($Received, 'MySecretKey')));
  var_dump($ReceivedArray);
  // should output array() { 'A' => 'Something', 'B' => 'Secret' }
}

Using json_encode and base64_encode, you can convert your array of parameters to send into json, encrypt it, then convert to Base64 so it can be safely transmitted as a querystring or uri segment.

On the receiving end, I would then simply reconstruct it using base64_decode, decrypt and json_decode back into an array.

Might be an easier, or better way but this seems the best I can "think" of.
#3

[eluser]Zeff[/eluser]
Hi gRoberts,

Thanks for your advice, but I get the same problem: I didn't dig into the encrypt library, but I think a timestamp is used in the encrypt methods... Every time I var_export the string after a page refresh (in your example on 'site a'), I get another code...
e.g.:
'lF1hyey5INucNcrbXGdroc5iciFKl0VKJqTNjOBHZcyRQ5XT/+KYkFWUg53aAbcbL3egp6pD6Cn48kx4BVSFIg=='
'eewkRdDBZEacw6BKGmK38Vq1jraiV8xASWzjOGnRTTY4wxd8grR8FjwtIjLaE/BjMj/9mAZqg2ph42PQvoJJSg=='
'FP7ekay9ISxsW0Gco97OKuHG7rtLdMlVzpPoQc2pgYTYn0QkEFw1fk998Rl2UlDO2ZpGU0RRM5NtKEWNI3aCgQ=='

Does anyone know why the base64-encoded JSON array has two equal signs at the end?

Thanks for the help!

Best regards,

Zeff
#4

[eluser]gRoberts[/eluser]
Is there a problem with you having a different code each time?

Base64 sometimes appends an equals sign or two to the end, it's just how it works.

As for it not working, I feel that may be as a result of my example.

Try

Code:
$ReceivedArray = json_decode($this->encrypt->decode(base64_decode($Received), 'MySecretKey'));
var_dump($ReceivedArray);

instead
#5

[eluser]Zeff[/eluser]
Many thanks gRoberts! Correcting the sequence of the different decoding steps did it, I should have mentioned!

Cheers,

Zeff
#6

[eluser]gRoberts[/eluser]
Sorry Zeff, I wasn't paying much attention and if I had written the decoding sequence in the same style I had the encoding sequence, I don't think it would have happened ;)

Hope it works out for you :D
#7

[eluser]gRoberts[/eluser]
Also, FYI, the reason for the one or two equals sign:

Quote: After encoding the non-padded data, if two octets of the 24-bit buffer are padded-zeros, two "=" characters are appended to the output; if one octet of the 24-bit buffer is filled with padded-zeros, one "=" character is appended. This signals the decoder that the zero bits added due to padding should be excluded from the reconstructed data. This also guarantees that the encoded output length is a multiple of 4 bytes.

lol I bet you wish you hadn't asked :D
#8

[eluser]Zeff[/eluser]
Thanks, I owe you!
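
The round trip discussed in this thread, as an added example that is not part of any post and does not use CodeIgniter's Encrypt library: it seals the parameters with AES-256-GCM from PHP's OpenSSL extension, uses a URL-safe Base64 alphabet (standard Base64 can contain '+', '/' and '=', as the sample strings in post #3 do), and decodes in the exact reverse of the encoding order. The function names `seal`, `unseal`, `b64url_encode`, `b64url_decode` and the demo key are assumptions made for the illustration.

```php
<?php
// Added example; not CodeIgniter's Encrypt library. Needs PHP >= 7.1 with OpenSSL.
// Base64 variant for URLs: '+' and '/' become '-' and '_', '=' padding is dropped.
function b64url_encode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt)
{
    $txt = strtr($txt, '-_', '+/');
    $txt .= str_repeat('=', (4 - strlen($txt) % 4) % 4); // restore padding
    return base64_decode($txt, true);                    // false on invalid characters
}

// Encode order: JSON -> encrypt -> base64url.
function seal(array $params, string $key): string
{
    $nonce = random_bytes(12); // fresh per token, so equal input gives different output
    $ct = openssl_encrypt(json_encode($params), 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag);
    return b64url_encode($nonce . $tag . $ct);
}

// Decode order is the exact mirror: base64url -> decrypt -> JSON.
function unseal(string $token, string $key): ?array
{
    $raw = b64url_decode($token);
    if ($raw === false || strlen($raw) <= 28) {
        return null; // not base64url, or too short to hold nonce + tag + data
    }
    $json = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16));
    if ($json === false) {
        return null; // wrong key, or the token was altered in transit
    }
    $data = json_decode($json, true);
    return is_array($data) ? $data : null;
}

$key = random_bytes(32); // constructed demo key; both sites would load one shared 32-byte secret
$params = ['A' => 'Something', 'B' => 'Secret'];
$t1 = seal($params, $key);
$t2 = seal($params, $key);
var_dump($t1 !== $t2);                                 // same input sealed twice
var_dump(preg_match('/^[A-Za-z0-9_-]+$/', $t1) === 1); // only URL-safe characters
var_dump(unseal($t1, $key) === $params);               // round trip
$bad = $t1;
$bad[20] = ($bad[20] === 'A') ? 'B' : 'A';             // simulate a mangled character
var_dump(unseal($bad, $key));
```

Because GCM authenticates the token, a character mangled in the URL makes `unseal` return null rather than garbage, which makes intermittent failures like the one in post #1 easy to detect on the receiving site.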
