Failed to receive encrypted url variable

Question

Failed to receive encrypted url variable

jeiel Dec '15

Created Dec '15	Last Reply Dec '15	Replies 5	Views 693	Votes 0

jeiel 81.2k

Dec '15

This is where I send my link variable to another form

<td>
    <?php echo $this->tag->linkTo(array("spm_contacto/delete/" .$this->crypt->encryptBase64($spm_contacto->CONT_CODIGO), "<img src='" . $this->url->get("img/tolbar/Delete_32x32.png") . "'>Eliminar")); ?></td>

To which I test if sending values sent encrypted or not

<?php $prueba=$this->crypt->encryptBase64($spm_contacto->CONT_CODIGO);
echo $prueba;
echo $this->crypt->decryptBase64($prueba);
?>

This is the result SqVg4xBmCQIkHFT656DBiToN0Yz8k4w+wuQQfn+BtGa1bsyee3UsRJoFIX+rL1L2Zrhgl3XiDXGuEr5c4QT+Ew==0401014717 zqxExWmJDAIU1k7M3adUO/1C5U9ywUbp5ULlxwdYlQm1KO4REUvB9P9V1Rzden+LI4SiNMll5fWpdD7FZO4tyQ==0803784016 Ssau2QyuBBgc8eQa1cVl505zHH4wmwbOhz34pSZuDnDxOGx3DX1ztPrjdf9fTJh5knTWZQeCjr5ZZ6ShSLbBbw==0908868128 qHDZldcucpDezWYvXJBvQwTwf6eWHpZFRwqXFbMZahN/m6q6imhUKI36THEgoUdIT7UCIhGhp5o8cW3LnRjRvw==1713516779 b+eGob7Lk6DO5gFK8nBjIRXs/l4GvuR/BBjqifJV0MxwgqByQMwOZ82rSLfqx972k9BIU5b46k3SihgSjtKv1A==1716931553 Q5BTRerh8RQ25s74szSjtYJqWRp8tviO264+pyWdGf3EatO29L2JVobyVHN4zLE+7krYoxgDSAcB4un9ncl+YQ==1720566247 QZKy1oPBpukuR5SKdPOD5xs2sPVs5bMt1CLRxrzwYmo0bbjvFAiAe6aroWkFObTmoS/8jlilX6h1JL5smR8ejA==1721241899 jHV/9SJTDsUa19u7D9GH3SS4m+chAYk1mRNyfWmg+pacR27rpL3d4vEuP2+Th6vBnbukJ2/rgdzK29sqthPOmw==1723995336 yBbE/lPatFc68gplLvTdb/VQp0ehAAwVZnEi/FQSKcmDAQxd/Y6ue11OeZrW6k1w5aVu2y59HhizbGf9C9nQRg==1724130693 2s7ylO4QeNSPaVaBnF8gFJmRGq+Zu5bSyFlg0gHuMEUxzPGvZcShIxR8an5CUjtlDuTojZQrpi0x59GtFTMq9g==1724908197

In my controller that receives the variable is so

echo $CONT_CODIGO;
echo $this->crypt->decryptBase64(trim($CONT_CODIGO));
$spm_contacto = SpmContacto::findFirstByCONT_CODIGO($this->crypt->decryptBase64($CONT_CODIGO));
        if (!$spm_contacto) {
            $this->flash->error("spm_contacto was not found");

            return $this->dispatcher->forward(array(
                "controller" => "spm_contacto",
                "action" => "index"
            ));
        }

But the result is

C9YNI1bl4LQ0OBVoyMSybdVv4�8��C�9��K2�sspm_contacto was not found

xeleniumz · Answer 1 · 2015-12-25T18:45:37-07:00

use phalcon filter to remove symbol from base64 encrypt https://docs.phalcon.io/en/latest/reference/filter.html

<?php
use Phalcon\Filter;

$filter = new Filter();

echo $CONT_CODIGO;
$var =  $filter->sanitize($this->crypt->decryptBase64(trim($CONT_CODIGO)),"alphanum");
echo $var;
$spm_contacto = SpmContacto::findFirstByCONT_CODIGO($var);
        if (!$spm_contacto) {
            $this->flash->error("spm_contacto was not found");

            return $this->dispatcher->forward(array(
                "controller" => "spm_contacto",
                "action" => "index"
            ));
        }

jeiel · Answer 2 · 2015-12-25T22:48:27-07:00

this is the result

NMrllwMBUZ5y i0m4aFUKphKgORhx7Dsj0miIY1pgZvpESq26X22kpysI2055GD7cK2aeQHNEBLoHmMiGbfYig==Parameter 'text' must be a string

jeiel · Answer 3 · 2015-12-25T23:01:03-07:00

This is the code

        public function editAction($CONT_CODIGO) {
        if (!$this->request->isPost()) {
            echo $CONT_CODIGO;
            echo $this->crypt->decryptBase64(trim($CONT_CODIGO));
            $filter = new Filter();

        $var = $filter->sanitize($this->crypt->decryptBase64(trim($CONT_CODIGO)), "alphanum");
        echo $var;
        $spm_contacto = SpmContacto::findFirstByCONT_CODIGO($var);
        if (!$spm_contacto) {
            $this->flash->error("spm_contacto was not found");

            return $this->dispatcher->forward(array(
                        "controller" => "spm_contacto",
                        "action" => "index"
            ));
        }

        $this->view->CONT_CODIGO = $spm_contacto->CONT_CODIGO;

        $this->tag->setDefault("CONT_CODIGO", $spm_contacto->CONT_CODIGO);
        $this->tag->setDefault("CONT_CEDULA", $spm_contacto->CONT_CEDULA);
        $this->tag->setDefault("CONT_RUCIDE", $spm_contacto->CONT_RUCIDE);
        $this->tag->setDefault("CONT_NOMBRE", $spm_contacto->CONT_NOMBRE);
        $this->tag->setDefault("CON_ESTADO", $spm_contacto->CON_ESTADO);
        $this->tag->setDefault("CONT_TELEFO", $spm_contacto->CONT_TELEFO);
        $this->tag->setDefault("CONT_DIRECC", $spm_contacto->CONT_DIRECC);
        $this->tag->setDefault("CONT_AREA", $spm_contacto->CONT_AREA);
        $this->tag->setDefault("CONT_CARGO", $spm_contacto->CONT_CARGO);
        $this->tag->setDefault("CONT_TIPOXX", $spm_contacto->CONT_TIPOXX);
        $this->tag->setDefault("CONT_EMAIL", $spm_contacto->CONT_EMAIL);
        $this->tag->setDefault("CONT_USUARIO", $spm_contacto->CONT_USUARIO);
        $this->tag->setDefault("CONT_CLAVE", $spm_contacto->CONT_CLAVE);
        $this->tag->setDefault("CONT_CLAVEE", $spm_contacto->CONT_CLAVEE);
    }
}

this is the result

VCcgnHArMNScR�8��C�9��K2�sspm_contacto was not found

xeleniumz · Answer 4 · 2015-12-26T22:06:17-07:00

xeleniumz
11.0k

Dec '15

did you encrypt with key ?

jeiel · Answer 5 · 2015-12-26T22:12:55-07:00

This I have in my file no use my key services

$di->set('crypt', function () {

$crypt = new Crypt();

// Set a global encryption key
$crypt->setKey('abc');

return $crypt;
}, true);

xeleniumz · Answer 6 · 2015-12-27T02:02:47-07:00

I was try like your code but it didn't work , here is my code it 's ok and I'm using it

in my service

<?php
$di->set('crypt', function () {
    $crypt = new Phalcon\Crypt();
    return $crypt;
});

in my controller

<?php
    public function testAction(){
        $key = 'yourcryptkey';
        $text = 'test';
        $encrypt = $this->crypt->encryptBase64($text, $key);
        echo ' encrypt : ' . $encrypt . '<br/>';
        $decrypt =  $this->filter->sanitize($this->crypt->decryptBase64($encrypt,$key),'alphanum'); 
        echo 'decrypt : ' . $decrypt . '<br/>;
    }

hope it will work with you too.

jeiel · Answer 7 · 2015-12-27T05:48:15-07:00

Encryption and decryption at the same time if it works, the problem is that I want to send a variable to encrypt and decrypt URL in another form, that's when the problem occurred

xeleniumz · Answer 8 · 2015-12-27T07:24:31-07:00

xeleniumz
11.0k

Dec '15

sorry I was wrong, when i use encrypt variable i didn't send via URL. I use ajax and it work

jeiel · Answer 9 · 2015-12-27T07:35:58-07:00

jeiel
81.2k

Dec '15

You could show me the code.

xeleniumz · Answer 10 · 2015-12-27T22:32:07-07:00

Ok this is my example code

services.php

<?php
$di->set('crypt', function () {
    $crypt = new Phalcon\Crypt();
    return $crypt;
});

DashboardController.php


<?php

class DashboardController extends ControllerBase
{

    public function initialize() {
        $this->tag->setTitle('Dashboard');
        parent::initialize();
        $this->view->setTemplateAfter('main');
    }

    public function typeAction(){
        $key = 'test';
        $text = 'Type';
        $encrypted = $this->crypt->encryptBase64($text, $key);
        $this->view->instance = $encrypted;
    }
}

dashboard type view

<?php

<div id="renderModal">
</div>

<div class="modal fade" id="showDelModal" tabindex="-1" role="basic" aria-hidden="true">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-hidden="true"></button>
                <h4 class="modal-title">Confirm</h4>
            </div>
            <div class="modal-body">
                <div class="form-body">
                    <div class="alert alert-warning" id="showMsg"></div>
                    <input type="hidden" id="typeId">
                </div>
                <div class="modal-footer">
                    <button class="btn default" data-dismiss="modal">Colse</button>
                    <button class="btn green"   data-dismiss="modal" id="btnConfirm" Ok<button>
                </div>
            </div>
        <!-- /.modal-content -->
    </div>
    <!-- /.modal-dialog -->
    </div>
</div>

<div class="portlet light">
    <div class="portlet-title">
        <div class="caption">
            <i class="icon-basket font-green-sharp"></i>
            <span class="caption-subject font-green-sharp bold uppercase">
            # Stock </span>
        </div>
    </div>
    <div class="portlet-body">
        <div class="table-container">
            <div class="form-group">
                <button class="btn btn-primary"  id="renderData"><i class="fa fa-plus"></i>  Add<button>
            </div>
            <table class="table table-striped table-bordered table-hover" id="datatable_ajax">
                                    <thead>
                                    <tr role="row" class="heading">

                                        <th width="5%">
                                            #
                                        </th>
                                        <th width="15%">
                                             Name
                                        </th>
                                        <th width="15%">
                                             Price
                                        </th>
                                        <th width="10%">
                                             Quality
                                        </th> 
                                        <th width="10%">            
                                        </th>

                                    </tr>
                                    </thead>
                                    <tbody>
                                    </tbody>
                                    </table>
        </div>
    </div>
</div>

<script type="text/javascript">
$('document').ready(function(){
    $('#renderData').click(function(){
        $( "#renderModal" ).load( '{{url("frm/modal/product")}}', function() {
            $('#posModal').modal('show');
        });  
    });

    $('#datatable_ajax').dataTable( {
        "processing": true,
        "serverSide": true,
        "ajax": {
            "url": "{{url('datatable/get')}}",
            "data":{
                "instance":"{{instance}}" # here is my encrypt variable
            },
            "type": "POST"
        },
        "columns": [
            { "data": "num" },
            { "data": "name" },
            { "data": "price" },
            { "data": "total" },
            { "data": "DT_RowId" },
        ]
    } );
});

</script>

DatatableController.php

<?php
use \DataTables\DataTable;
use Phalcon\Mvc\View;

class DatatableController extends ControllerBase
{
    public function initialize() {
        parent::initialize();
        $this->view->disableLevel(View::LEVEL_MAIN_LAYOUT);
    }

    public function getAction($tb=''){

        $this->view->disable();
        if($this->request->isAjax() == TRUE){
            $encrypted    = $this->request->getPost('instance');
            $table        = $this->filter->sanitize($this->crypt->decryptBase64($encrypted,'test'),'alphanum'); 
            echo $table;
        }
    }
}

when you echo this $instance variable it will show 'Type' sorry for my bad english.