【发布时间】:2023-03-05 14:38:01
【问题描述】:
我正在使用以下 php 代码从一个页面传递信息..
Index.php 页面:
<?php
include("secure/content/database/db.php");
$sql = mysql_query("SELECT * FROM press");
while($re = mysql_fetch_array($sql))
{
$id= (int) $re['id'];
$key = "bladeyeshibbir?1%59";
$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)
$encrypted_data=mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $id, MCRYPT_MODE_ECB, $iv);
$id = urlencode(base64_encode($encrypted_data));
$page = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));
echo "<li><a href='press.php?id=$id&request=$md'>$page</a></li>";
}
?>
Press.php 页面
<?php
include("secure/content/database/db.php");
include("header.php");
$id = $_REQUEST["id"];
$key = "bladeyeshibbir?1%59#";
$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)
$decrypted_data=mcrypt_decrypt(MCRYPT_3DES, $key, $id, MCRYPT_MODE_CBC, $iv);
$url_id = base64_decode(urldecode($decrypted_data));
$request = $_REQUEST['request'];
$sql = mysql_query("SELECT * FROM press WHERE id='$url_id' ");
$re = mysql_fetch_array($sql);
$pagename = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));
echo "<title>$pagename</title>";
echo $content;
include("fotter.php");
?>
但是我收到了这个错误:
警告:mcrypt_decrypt() [function.mcrypt-decrypt]:尝试使用 空 IV,不建议在 C:\xampp\htdocs\audock\press.php 中使用 在第 10 行。
其实我想要的是用户看不到查询字符串变量的实际值。
【问题讨论】: