php: Create Url Safe Encrypted String

The following code represents an easy way to create an encrypted string that can be passed in an URL.  While this method is adequate for email addresses, user names, and the like – it should not be used to encrypt mission-critical info or personal data such as Social Security numbers or credit card information.

Also, you will need to have the ‘mcrypt’ module enabled.  You can do this by opening your php.ini file and removing the ‘;’ just before ‘extension=php_mcrypt.dll’.

<?php
 
$cc=mencrypt("This is the string to be encrypted","key-change-this");
 
 
echo $cc.'<br />';
$dd=mdecrypt($cc,"key-change-this");
echo $dd.'<br />';
 
//encrypted value passed in url ie:
//http://yoursite.com/crypted.php?id=encrypted_string
if (isset($_GET["id"])){
$ee=$_GET["id"];
echo $ee.'<br />';
echo mdecrypt($ee,"key-change-this");
}
 
function mencrypt($input,$key){
$key = substr(md5($key),0,24);
$td = mcrypt_module_open ('tripledes', '', 'ecb', '');
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
mcrypt_generic_init ($td, $key, $iv);
$encrypted_data = mcrypt_generic ($td, $input);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
return trim(chop(url_base64_encode($encrypted_data)));
}
 
function mdecrypt($input,$key){
$input = trim(chop(url_base64_decode($input)));
$td = mcrypt_module_open ('tripledes', '', 'ecb', '');
$key = substr(md5($key),0,24);
$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
mcrypt_generic_init ($td, $key, $iv);
$decrypted_data = mdecrypt_generic ($td, $input);
mcrypt_generic_deinit ($td);
mcrypt_module_close ($td);
return trim(chop($decrypted_data));
}
 
function url_base64_encode($str){
return strtr(base64_encode($str),
array(
'+' => '.',
'=' => '-',
'/' => '~'
)
);
}
 
function url_base64_decode($str){
return base64_decode(strtr($str,
array(
'.' => '+',
'-' => '=',
'~' => '/'
)
));
}
?>

End Code.