PHP加密与实际应用
数据加密可以简单的理解为:明文(文件或者数据)-->算法处理-->不可读的密文,进而达到加密的效果。
php中的几种加密方式
md5加密算法
crypt算法
sha1加密算法
URL编码技术编码
base64编码
其中 md5、crypt、sha1 都是单向加密算法 (对不同长度的信息进行散列计算,得到固定长度的输出,这个过程是单向的,不能通过对固定长度的输出通过计算得到输入信息)。
md5()加密算法
string md5 ( string $str [, bool $raw_output = false ] )
以 32 字符十六进制数字形式返回散列值。
如果可选的 raw_output 被设置为 TRUE,那么 MD5 报文摘要将以原始的 16 位二进制格式返回。
header("Content-type:text/html;charset=utf-8"); $name = "yuesir"; echo md5($name); echo "<hr/>"; echo md5($name, true);e217951255a1f0b2c9d8fea477af795e??U???????w?y^
Crypt()加密算法
string crypt ( string $str [, string $salt ] )
$salt是加密是的干扰码,使编码更安全;可选的盐值字符串。如果没有提供,算法行为将由不同的算法实现决定,并可能导致不可预料的结果
crypt() 返回一个基于标准 UNIX DES 算法或系统上其他可用的替代算法的散列字符串。
如果没有提供盐值,PHP 将自动生成一个 2 个字符(DES)或者 12 个字符(MD5)的盐值
note:
如果加密是没有加上 $salt 这个参数,将随机生成一个干扰码,否则刷新加密密文不变
header("Content-type:text/html;charset=utf-8"); $name = "yuesir"; echo crypt($name); echo "<hr/>"; echo crypt($name, 'hello');$1$BG2.0N3.$zysIbnXYFkPyqr9g8XFo/1 heS64YGnAn6Wc
**$1$BG2.0N3.$** 是通过 CRYPT_MD5 生成的散列值特征是以 $1$开头,以$结束,其间有不超过8位的随机字符,$之后的是密文正文
sha1() 加密算法
string sha1 ( string $str [, bool $raw_output = false ] )
如果可选的 raw_output 参数被设置为 TRUE,那么 sha1 摘要将以 20 字符长度的原始格式返回,否则返回值是一个 40 字符长度的十六进制数字。
header("Content-type:text/html;charset=utf-8"); $name = "yuesir"; echo sha1($name); echo "<hr/>"; echo sha1($name, 'hello');1b15630e04990268e3f64c32a119417642fb98d0 c?h??L2?AvB???
和md5()差不多,但返回的字符串长度更长(40位) 由于此函数依赖的算法已不足够复杂,不推荐使用此函数对明文密码加密
URL编码技术
string urlencode ( string $str )
返回字符串,此字符串中除了 -_. 之外的所有非字母数字字符都将被替换成百分号(%)后跟两位十六进制数,空格则编码为加号(+)
header("Content-type:text/html;charset=utf-8"); $url = "http://yufu.me?q=hello world + 你好&username=&"; echo urlencode($url) . "<br/>"; echo "<a href='".urlencode($url)."'>点我</a>";http%3A%2F%2Fyufu.me%3Fq%3Dhello+world+%2B+%E4%BD%A0%E5%A5%BD%26username%3D%26amp点我
urldecode
string urldecode ( string $str )
解码已编码的 URL 字符串, 解码给出的已编码字符串中的任何 %##。返回解码后的字符串
header("Content-type:text/html;charset=utf-8"); $url = "http://yufu.me?q=hello world + 你好&username=&"; echo urlencode($url) . "<hr/>"; echo urldecode("http%3A%2F%2Fyufu.me%3Fq%3Dhello+world+%2B+%E4%BD%A0%E5%A5%BD%26username%3D%26amp");----------http%3A%2F%2Fyufu.me%3Fq%3Dhello+world+%2B+%E4%BD%A0%E5%A5%BD%26username%3D%26amphttp://yufu.me?q=hello world + 你好&username=&注意到 username 的值& 被浏览器解析成了 &
解决方法是:
较为简单的解决办法是使用 & 代替 & 作为分隔符。你不需要为此修改 PHP 的 arg_separator。让它仍为 &,而仅使用 htmlentities() 或 htmlspecialchars() 对你的 URL 进行编码。
base64加密技术
string base64_encode ( string $data )
使用 MIME base64 对数据进行编码, 是为了使二进制数据可以通过非纯 8-bit 的传输层传输,例如电子邮件的主体; Base64-encoded 数据要比原始数据多占用 33% 左右的空间
base64_decode
string base64_decode ( string $encoded_data )
对使用 MIME base64 编码的数据进行解码,返回原始数据,失败则返回 FALSE。返回的数据可能是二进制的
$img_path = 'image/1_meitu_1.jpg'; $data = file_get_contents($img_path); echo base64_encode($data); echo "<img src='data:image/jpeg;base64,".base64_encode($data)."'/ alt="PHP加密与实际应用" >";
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'?
Apr 01, 2025 am 07:21 AM
Alipay PHP...
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
How does session hijacking work and how can you mitigate it in PHP?
Apr 06, 2025 am 12:02 AM
Session hijacking can be achieved through the following steps: 1. Obtain the session ID, 2. Use the session ID, 3. Keep the session active. The methods to prevent session hijacking in PHP include: 1. Use the session_regenerate_id() function to regenerate the session ID, 2. Store session data through the database, 3. Ensure that all session data is transmitted through HTTPS.
Describe the SOLID principles and how they apply to PHP development.
Apr 03, 2025 am 12:04 AM
The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.
How to debug CLI mode in PHPStorm?
Apr 01, 2025 pm 02:57 PM
How to debug CLI mode in PHPStorm? When developing with PHPStorm, sometimes we need to debug PHP in command line interface (CLI) mode...
How to automatically set permissions of unixsocket after system restart?
Mar 31, 2025 pm 11:54 PM
How to automatically set the permissions of unixsocket after the system restarts. Every time the system restarts, we need to execute the following command to modify the permissions of unixsocket: sudo...
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
Framework Security Features: Protecting against vulnerabilities.
Mar 28, 2025 pm 05:11 PM
Article discusses essential security features in frameworks to protect against vulnerabilities, including input validation, authentication, and regular updates.
