How to encode a number in PHP

Question

How to encode a number in PHP

Asked 9 years, 6 months ago

Viewed 698 times

3

I would like to know how to show a coded number to the user.

I have several lines in my tables and wanted to encode (only on the user side) the ID’s. I went looking for functions for this but only found md5 and sha1 but these generate very large keys.

There is one that generates a short key (+/- 6 to 8 digits or characters)?

It looks like you just want to mask the ID, if that’s just it, you can "add up" a number, something like, the id is 11 and you add up 28900 + 11 = 28911, so it would already be a way of masking. With md5, sha1 or crypt you cannot "decode". You can try using the crypy with Standard DES

– Guilherme Nascimento

2014/12/31 at 01:17
1

If it is important not to show the ID then it should not be used on the front even masked. What is the problem of seeing the ID? Maybe it’s a mistake of logic.

– Filipe Moraes

2014/12/31 at 01:49
is an online sales site with products from a store, so I need the id throughout the whole process (purchase, car, and history) to be able to do everything from showing the user to finalizing the purchase, then show the product id or even the purchase ide can pass information of how many products we have and also how many sales we see, then the ide of encoding these id’s would be in that direction.

– Aron Brivio

2014/12/31 at 02:03
2

I don’t know why "encrypt" making the ID an X-digit number and not use the proper functions for it. That doesn’t increase security in the system. Also, if the user has access to the ID, you are using a cookie, and nothing prevents the user from changing the ID 123456 to 654321...

– Papa Charlie

2014/12/31 at 06:03
Filipe Moraes, this is no mistake of logic. The purpose is commercial. In the database you can have an ID with 200 characters with numbers, letters, special characters, etc., but to show the client is not feasible. A very large code even if only numerical, is also a nuisance because imagine the customer on the phone talking to the customer service. The support asks the customer to spell the order code.. It loses a lot of time in the service and complicates, confuses.. Well, I think it did.. the case of attendance is a mere example. I edited the title for something more appropriate.

– Daniel Omine

2015/01/16 at 10:41

2 answers

2

As you said, the case of "security" is to prevent it is possible to deduce the number of products or customers, I suggest you use PHP. In case you can create a function in a document and include this document on all necessary pages with include, examples:

Example of functions, using a simple sum (assuming the name is helper.php):

<?php
define('MASK_SUM', 1288900);

function mascararId($id_sem_mask) {
    return MASK_SUM + $id_sem_mask;
}

function desmascararId($id_com_mask) {
    return $id_com_mask - MASK_SUM;
}

And you can change the value of MASK_SUM whenever you want.

Using:

<?php
include 'helper.php';

$id = 10;

$maskId = mascararId($id);

echo 'Mascarado:', $maskId, '<br>';
echo 'Desmascarado:', desmascararId($maskId), '<br>';

Online example on ideone

Browser other questions tagged php mysql

You are not signed in. Login or sign up in order to post.

by chambelix • **2,451** points · Answer 1 · 2015-01-03T12:46:02+00:00

The use of a coded value and according to what I understood in your question, may well be a BITFIELD. If you search for your definition in the WIKI you will find:

A bit field is a term used in computer Programming to store Multiple, Logical, neighboring bits, Where each of the sets of bits, and single bits can be addressed. A bit field is Most commonly used to represent integral types of known, Fixed bit-width. A well-known Usage of bit-Fields is to represent a set of bits, and/or series of bits, known as flags. [Citation needed] For example, the first bit in a bit field can be used to determine the state of a particular attribute Associated with the bit field.

In short... you can ensure the use of multiple contents in a single value (simplifying, using an integer that is more immediate). These may be BIT a BIT what defines states (on/off) or bit set values, for example a set of 4 bits can store from 0 to 15 (decimal).

For the programmer a BITFIELD is very useful, because when well implemented they greatly reduce the communications and the size of the information to be recorded in a database. In an integer 32 bits we can for example pass 32 different states in only 4 bytes.

In your specific case, you pose the question as identifier for records. Once again this type of mechanism will allow and depending on your imagination, gather more than one value. The example I put in 10 minutes is for 32 bits but if you need larger amplitudes can for example do the same for 64 bits values of 8 bytes. I created a file bitfield32.php and there I wrote this class with the same name:

class BitField32 {

    private $value;

    function __construct($value = 0) {
        $this->value = intval($value);
    }

    public function getHigh() {
        return ($this->value & 0xffff0000) >> 16;
    }

    public function getLow() {
        return $this->value & 0x0000ffff;
    }

    public function setHigh($value) {
        $hi16 = intval($value);
        if ($hi16 >= 0 && $hi16 < 0xffff) {
            $this->value = ($this->value & 0xffff) | ($value << 16);
        }
    }

    public function setLow($value) {
        $low16 = intval($value);
        if ($low16 >= 0 && $low16 < 0xffff) {
            $this->value = ($this->value & 0xffff0000) | $value;
        }
    }

    public function toHex() {
        return dechex($this->toHex());
    }

    public function toBits() {
        return decbin($this->value);
    }

    public function __toString() {
        return (string) $this->value;
    }

}

I think the code is quite explanatory , so I have not documented in the hope that you understand what is exposed. Now to use only need...

require 'BitField32.php';
$bf = new BitField32();
$bf->setHigh(365);
$bf->setLow(2015);

echo $bf, " ... "," high:", $bf->getHigh(), " low:", $bf->getLow();

According to this example, it can have a unique identifier, a 32-bit integer in the value of 23922655 and with it stores two fields of two distinct values that in the example are 365 and 2015.

If the example was for a 64 bit integer we can for example have two 32 bit ID’s and so you can 'mask' at most two 32 bit values.

In what I present I divide the 32 bits into two. The first 16 bits for one value and the second 16 bits for another value. But it does not have to be so. Its limit is 32 bits but may and depending on the desired implementation have more than one element.

I think I have answered some of your answer so far, but MYSQL is still missing, which is partly answered, but what about the advantages? Is it really worth having this mechanism from the point of view of MYSQL or already now for any other database.

A text INDEX field vs INDEX with a numeric, say the manuals and experience that are numerical by far the best option especially at the performance level. When protecting an implementation we must take this into account. When we start to look at large databases we begin to realize the impact that the use of a mechanism like the BITFIELD. Nowadays the storage space and communications on servers is paid, so are more reasons to add.

In conclusion, my answer has been a long time coming, and there was still much to talk about this subject and if the main reason is to mask values here you have an effective solution, with the ability to add safe value in future implementations and with clear advantages that not only mask.