09-25-2020, 05:22 AM
Hi, in my project I need to store category id in category edit page inside a hidden field. Then, after form submit I want to update that particular category. To achieve this, in a secured approach, I used Encryption service of CodeIgniter 4.
Note: In the App\Config\Encryption.php file, I already set the "base 64" encoded value for "key" property that I got after executing createKey() static function of the Encryption class.
Also, I included that Encryption class with its namespace that is "CodeIgniter\Encryption\Encryption".
Below code is for the editCategory function, where I create the encryption key, then using that key I encrypt category id. Finally, I pass that to the "edit_category" view file.
In edit_category.php file, I pass the encrypted category id to the updateCategory function.
Code snippet for hidden field in edit_category.php is written below.
Codes for updateCategory function is shown below, in that function I wanted to display the decrypted version of the category id.
Have I done any mistake? Please help.
Note: In the App\Config\Encryption.php file, I already set the "base 64" encoded value for "key" property that I got after executing createKey() static function of the Encryption class.
Also, I included that Encryption class with its namespace that is "CodeIgniter\Encryption\Encryption".
Below code is for the editCategory function, where I create the encryption key, then using that key I encrypt category id. Finally, I pass that to the "edit_category" view file.
PHP Code:
public function editCategory($categoryId) {
$data = [];
$data['title'] = 'Edit Category';
/**
* Access Configuration settings for the Encryption file
*/
$config = config('Encryption');
/**
* Generate base64 encoded representation of the encryption key
*/
$key = base64_encode(Encryption::createKey(32));
$configuration = new \Config\Encryption();
$configuration->key = $key;
$configuration->driver = 'OpenSSL';
$encrypter = \Config\Services::encrypter($configuration);
$categoryModel = new CategoryModel();
$category = $categoryModel->where('id', $categoryId)->first();
$categoryId = $category['id'];
$encryptedCategoryId = $encrypter->encrypt($categoryId);
// echo $encryptedCategoryId;die;
$data['category'] = $category;
$data['categoryId'] = $encryptedCategoryId;
echo view('templates/admin_header', $data);
echo view('admin/category/edit_category', $data);
echo view('templates/admin_footer');
}
In edit_category.php file, I pass the encrypted category id to the updateCategory function.
Code snippet for hidden field in edit_category.php is written below.
PHP Code:
<input type="hidden" name="categoryId" value="<?= isset($categoryId) ? $categoryId : '' ?>">
Codes for updateCategory function is shown below, in that function I wanted to display the decrypted version of the category id.
PHP Code:
public function updateCategory() {
$data = [];
$data['title'] = 'Edit Category';
$validation = \Config\Services::validation();
$rules = $validation->getRuleGroup('categoryCreate');
if(!$this->validate($rules)) {
$data['validation'] = $this->validator;
echo view('templates/admin_header', $data);
echo view('admin/edit_category', $data);
echo view('templates/admin_footer');
} else {
$catId = $this->request->getPost('categoryId');
// configure the encryption service properly, before decrypting
$config = new \Config\Encryption();
// load the Encryption.php file's configuration settings
$configValues = config('Encryption');
$config->key = base64_decode($configValues->key);
$config->driver = 'OpenSSL';
$encrypter = \Config\Services::encrypter($config);
$decryptedCatId = $encrypter->decrypt($catId);
die('category id: '. $decryptedCatId);
}
}
Have I done any mistake? Please help.