调用未定义的函数 ecrypt()
Call to undefined function ecrypt()
错误:致命错误:调用未定义函数 ecrypt()
代码在锚中没有 ecrypt 函数调用的情况下一切正常。我想保护它免受代码注入。为什么会出现上述错误?
查看:
<?php
echo anchor("resetPasswordController/delete_news/".ecrypt($content1['id']),
'<i class="fa fa-trash-o fa-fw"></i>Delete','id="actions"', array
('onClick' => "return confirm('Are you sure you want to delete?')"));?>
控制器:
function delete_news() {
$this->load->library('encrypt');
$this->load->model('users_model');
//var_dump($product_id);die();
$ls_id= $this->decrypt($this->uri->segment(3));
$result = $this->users_model->get_id($ls_id);
$this->users_model->delete($ls_id);
$this->db->trans_complete();
$message2 = "News has been deleted successfully";
echo "<script type='text/javascript'>alert('$message2'); </script>";
$this->manage_news();
}
// Encryption function starts
function ecrypt($str)
{
$result ="";
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0; $i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
return base64_encode($result);
}
// Encryption function end
// This code use for id decrypt
function decrypt($str)
{
$str = base64_decode($str);
$result = '';
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0;$i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)-ord($keychar));
$result.=$char;
}
return $result;
}
// decryption function end
型号:
function delete($id){
$this->db->where('id', $id);
$this->db->delete('news');
}
function get_id($id){
$this->db->where('id',$id);
$query = $this->db->get('news');
return $query->result_array();
}
您认为:
<?php
$CI = & get_instance();
echo anchor("resetPasswordController/delete_news/".$CI->ecrypt($content1['id']),
'<i class="fa fa-trash-o fa-fw"></i>Delete','id="actions"', array
('onClick' => "return confirm('Are you sure you want to delete?')"));?>
更新解决方案:
Base64 return 一个最后有 = 的字符串,这可能会导致问题,所以你可以替换它
function ecrypt($str)
{
$result ="";
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0; $i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
$data = base64_encode($result);
$data = str_replace(array('='),array('.'),$data);
return $data
}
同样替换“.”在解密函数中使用=
错误:致命错误:调用未定义函数 ecrypt()
代码在锚中没有 ecrypt 函数调用的情况下一切正常。我想保护它免受代码注入。为什么会出现上述错误?
查看:
<?php
echo anchor("resetPasswordController/delete_news/".ecrypt($content1['id']),
'<i class="fa fa-trash-o fa-fw"></i>Delete','id="actions"', array
('onClick' => "return confirm('Are you sure you want to delete?')"));?>
控制器:
function delete_news() {
$this->load->library('encrypt');
$this->load->model('users_model');
//var_dump($product_id);die();
$ls_id= $this->decrypt($this->uri->segment(3));
$result = $this->users_model->get_id($ls_id);
$this->users_model->delete($ls_id);
$this->db->trans_complete();
$message2 = "News has been deleted successfully";
echo "<script type='text/javascript'>alert('$message2'); </script>";
$this->manage_news();
}
// Encryption function starts
function ecrypt($str)
{
$result ="";
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0; $i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
return base64_encode($result);
}
// Encryption function end
// This code use for id decrypt
function decrypt($str)
{
$str = base64_decode($str);
$result = '';
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0;$i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)-ord($keychar));
$result.=$char;
}
return $result;
}
// decryption function end
型号:
function delete($id){
$this->db->where('id', $id);
$this->db->delete('news');
}
function get_id($id){
$this->db->where('id',$id);
$query = $this->db->get('news');
return $query->result_array();
}
您认为:
<?php
$CI = & get_instance();
echo anchor("resetPasswordController/delete_news/".$CI->ecrypt($content1['id']),
'<i class="fa fa-trash-o fa-fw"></i>Delete','id="actions"', array
('onClick' => "return confirm('Are you sure you want to delete?')"));?>
更新解决方案: Base64 return 一个最后有 = 的字符串,这可能会导致问题,所以你可以替换它
function ecrypt($str)
{
$result ="";
$key = "snowtogsbydigitechsoftwaresolutionsabcxyzdfvdfd";
for($i=0; $i<strlen($str); $i++)
{
$char = substr($str, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
$data = base64_encode($result);
$data = str_replace(array('='),array('.'),$data);
return $data
}
同样替换“.”在解密函数中使用=