两个不相等的相等字符串
Two equal strings that are not equal
我正在用 PHP 比较两个字符串。我确信字符串是相等的,因为我已经将它们回显到网页上,但比较总是 returns "bad".
其中一个被比较的字符串以前通过 AES-256 加密并通过 cookie 存储。
Cookie 值:
_uid=YJUZI3Kzi+YrmKay9H2+k0Bl+374u5JLeYF7BSLiNfo=:mjsAHC8qJX5UpF0p8gpuNKczieZObzbGlRszGjiDQX4=
加密函数:
<?php
// AES 256
function aes($a,$b,$c) {
switch($a){
case 1:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$h=mcrypt_create_iv($g,MCRYPT_DEV_URANDOM);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];
$l++;
}
$p=strlen($k[$b]);
$q=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$k[$b],$c,MCRYPT_MODE_CBC,$h);
$q=base64_encode($h.$q);
return $q;
break;
case 2:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];$l++;
}
$p=strlen($k[$b]);
$q=base64_decode($c);
$r=substr($q,0,$g);
$s=substr($q,$g);
$t=mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$k[$b],$s,MCRYPT_MODE_CBC,$r);
return $t;
break;
default:
}
}
?>
比较脚本:
<?php
$Value = explode(":",$_COOKIE['_uid']);
$_SERVER['REMOTE_ADDR'] == aes(2,1,$Value[0])
? printf("good")
: printf("bad");
?>
谁能告诉我问题出在哪里?
您的问题可能是因为一些隐藏空间。要删除它们,只需使用 trim(),例如
$_SERVER['REMOTE_ADDR'] == trim(aes(2,1, trim($Value[0])))
//^^^^ ^^^^ See here
我正在用 PHP 比较两个字符串。我确信字符串是相等的,因为我已经将它们回显到网页上,但比较总是 returns "bad".
其中一个被比较的字符串以前通过 AES-256 加密并通过 cookie 存储。
Cookie 值:
_uid=YJUZI3Kzi+YrmKay9H2+k0Bl+374u5JLeYF7BSLiNfo=:mjsAHC8qJX5UpF0p8gpuNKczieZObzbGlRszGjiDQX4=
加密函数:
<?php
// AES 256
function aes($a,$b,$c) {
switch($a){
case 1:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$h=mcrypt_create_iv($g,MCRYPT_DEV_URANDOM);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];
$l++;
}
$p=strlen($k[$b]);
$q=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$k[$b],$c,MCRYPT_MODE_CBC,$h);
$q=base64_encode($h.$q);
return $q;
break;
case 2:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];$l++;
}
$p=strlen($k[$b]);
$q=base64_decode($c);
$r=substr($q,0,$g);
$s=substr($q,$g);
$t=mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$k[$b],$s,MCRYPT_MODE_CBC,$r);
return $t;
break;
default:
}
}
?>
比较脚本:
<?php
$Value = explode(":",$_COOKIE['_uid']);
$_SERVER['REMOTE_ADDR'] == aes(2,1,$Value[0])
? printf("good")
: printf("bad");
?>
谁能告诉我问题出在哪里?
您的问题可能是因为一些隐藏空间。要删除它们,只需使用 trim(),例如
$_SERVER['REMOTE_ADDR'] == trim(aes(2,1, trim($Value[0])))
//^^^^ ^^^^ See here