i am trying to store some info in my db. One of the fields are Japanese names. I am getting a error:
Warning: #1366 Incorrect string value: '\xE3\x83\xA9\xE3\x83\x87...' for column 'japan-name' at row 1
So i cannot chnage the charset of my db. Can i use PHP or Javascript to convert Japanese/Korean to something else, and them when i go read it, reconvert to Japanese/Korean?
PHP offers the base64_encode() and base64_decode() functions. They are fast, and impose a storage penalty of about 33%. You can use the first to convert your utf-8 east Asian text to what looks like gibberish in ASCII before you store it in your table. The second will convert it back after you retrieve it.
Here's an example:
$jp = " 私はガラスを食べられます。それは私を傷つけません。";
$jpe = base64_encode ($jp);
$jpd = base64_decode ($jpe);
After you run these lines, the $jpe variable has the value
IOengeOBr+OCrOODqeOCueOCkumjn+OBueOCieOCjOOBvuOBmeOAguOBneOCjOOBr+engeOCkuWCt+OBpOOBkeOBvuOBm+OCk+OAgg==
That stores just fine in an ASCII or Latin-1 column.
utf-8 saves the unicode data in table... but other way is to encode and save and then decode and display
update:
searched on web and found answer at How do you Encrypt and Decrypt a PHP String?
define("ENCRYPTION_KEY", "!##$%^&*");
$string = "This is the original data string!";
echo $encrypted = encrypt($string, ENCRYPTION_KEY);
echo "<br />";
echo $decrypted = decrypt($encrypted, ENCRYPTION_KEY);
/**
* Returns an encrypted & utf8-encoded
*/
function encrypt($pure_string, $encryption_key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$encrypted_string = mcrypt_encrypt(MCRYPT_BLOWFISH, $encryption_key, utf8_encode($pure_string), MCRYPT_MODE_ECB, $iv);
return $encrypted_string;
}
/**
* Returns decrypted original string
*/
function decrypt($encrypted_string, $encryption_key) {
$iv_size = mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypted_string = mcrypt_decrypt(MCRYPT_BLOWFISH, $encryption_key, $encrypted_string, MCRYPT_MODE_ECB, $iv);
return $decrypted_string;
}
Related
I managed to find a Libsodium js library (JS-NaCl) for front end encryption and has setup my PHP backend for Libsodium encrypt/decrypt also. When I encrypt a JSON object like below
const key = "827ccb0eea8a706c4c34a16891f84e7b";
const nonce = "0123456789abcdefghijvbnm";
var credentials = {
"zip":"265",
"account_number":"10028979739",
"passcode":"1234",
"account_type":"personal",
"request":"login",
"device":"iPhone 11"
};
function encrypt(data){
return sodium.crypto_secretbox(sodium.encode_utf8(data),nonce,key);
};
function decrypt(data){
return sodium.decode_utf8(sodium.crypto_secretbox_open(data, nonce, key));
}
function login(data){
$.ajax({
url:baseURL+"account/account.php",
method:"POST",
contentType:"application/x-www-form-urlencoded",
dataType:"json",
data:"datax="+JSON.stringify(encrypt(credentials)),
beforeSend:()=>{
console.log(credentials);
},success:(response)=>{
console.log(response);
},error:(e)=>{
swal("Connection Error","Failed to connect to the server!","error");
}
});
}
When I fire the login method with it encrypts the JSON object using the encrypt method hence I send something like this:
datax: {"0":191,"1":118,"2":248,"3":134,"4":45,"5":163,"6":3,"7":157,"8":78,"9":73,"10":157,"11":137,"12":178,"13":6,"14":68,"15":91,"16":217,"17":219,"18":50,"19":11,"20":127,"21":177,"22":130,"23":25,"24":209,"25":254,"26":210,"27":44,"28":119,"29":13,"30":144}
at the php backend code I am doing this:
<?php
function decrypt($data){
$key = "e9897cea109576c2f8088c277125d553e4f83afbc0abbb92cfb1f7b776b4fee0";
$nonce = "0123456789abcdefghijvbnm";
return sodium_crypto_secretbox_open($data,$nonce,$key);
}
function encrypt($data){
$data = utf8_encode($data);
$key = "e9897cea109576c2f8088c277125d553e4f83afbc0abbb92cfb1f7b776b4fee0";
$nonce = "0123456789abcdefghijvbnm";
return sodium_crypto_secretbox($data,$nonce,$key);
}
$credentials = $_POST["datax"];
echo decrypt($credentials);
?>
Same Key, Same nonce but it doesn't echo back anything. How to I decrypt this??
The code needs some changes. On the JavaScript side (frontend):
The JavaScript object must be converted into a string.
Besides the data, nonce and key must also be encoded using Utf8. Although the key could also be hexadecimal encoded to a 16 bytes key, in this context it must be Utf8 encoded to a 32 bytes key, because sodium.crypto_secretbox expects a 32 bytes key. The expected nonce must be 24 bytes in size.
Now the data can be encrypted.
sodium.crypto_secretbox returns the data as Uint8Array, which must therefore be encoded for transfer into a suitable format, e.g. hexadecimal.
The corresponding code is:
nacl_factory.instantiate(function (sodium) {
var credentials = {
"zip":"265",
"account_number":"10028979739",
"passcode":"1234",
"account_type":"personal",
"request":"login",
"device":"iPhone 11"
};
// Convert JavaScript object to string
var data = JSON.stringify(credentials);
// Utf8 encode key, nonce and data
var keyUtf8 = sodium.encode_utf8("827ccb0eea8a706c4c34a16891f84e7b");
var nonceUtf8 = sodium.encode_utf8("0123456789abcdefghijvbnm");
var dataUtf8 = sodium.encode_utf8(data);
// Encrypt
var encrypted = sodium.crypto_secretbox(dataUtf8, nonceUtf8, keyUtf8);
// Hex encode encrypted data for transfer
var encryptedHex = sodium.to_hex(encrypted);
console.log("Ciphertext (hex):\n" + encryptedHex.replace(/(.{64})/g, "$1\n"));
});
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-nacl/1.3.2/nacl_factory.js"></script>
On the PHP side (backend):
The hexadecimal string $encryptedHex must be decoded.
The decoded data are to be decrypted. For this, key and nonce of the encryption must be used. In the posted code a different key is used, which is not possible in the context of crypto_secretbox (symmetric encryption), i.e. both sides use the same key. For asymmetric encryption there is crypto_box.
The result can be decoded into a JavaScript object whose objects can be accessed as usual.
The corresponding code is:
// Hex decode
$encrypted = sodium_hex2bin($encryptedHex);
// Decrypt
$nonce = "0123456789abcdefghijvbnm";
$key = "827ccb0eea8a706c4c34a16891f84e7b";
$decrypted = sodium_crypto_secretbox_open($encrypted, $nonce, $key);
// Convert to JavaScript object
$decryptedJSON = json_decode($decrypted);
echo "Zip: " . $decryptedJSON->zip . "\n";
echo "Account number: " . $decryptedJSON->account_number . "\n";
echo "Passcode: " . $decryptedJSON->passcode . "\n";
echo "Account type: " . $decryptedJSON->account_type . "\n";
echo "Request: " . $decryptedJSON->request . "\n";
echo "Device: " . $decryptedJSON->device . "\n";
I want to store html code into sql database which I've encoded by using encodeURI() but it showing me multiple errors as below
I'm using dataType as <CLOB> also tried using NVARCHAR(MAX) but is showing same error.
Sharing my encoded html code below in string format tobe store into sql.
%3Cp%3Ethis%20kind%20of%20text%20i'm%20storing%20into%20database%3C/p%3E%3Cpre%20class=%22code-pre%22%3Evar uri%20= %22my%20test.asp?name=st%C3%A5le&car=saab%22;%0Avar enc%20=%20encodeURI(uri);%0Avar dec%20=%20decodeURI(enc);%0Avar res%20=%20enc%20+ %22<br>%22 +%20dec;%0A%3C/pre%3E
INSERT INTO "Mytable" VALUES(
8/*ID <INTEGER>*/,
'Return matching objects from array of objects'/*QUESTION <NVARCHAR(200)>*/,
'%3Cp%3Ethis%20kind%20of%20text%20i'm%20storing%20into%20database%3C/p%3E%3C pre%20class=%22code-pre%22%3Evar uri%20= %22my%20test.asp ?
name=st%C3%A5le&car=saab%22;%0Avar enc%20=%20encodeURI(uri);%0Avar
dec%20=%20decodeURI(enc);%0Avar res%20=%20enc%20+ %22<br>%22
+%20dec;%0A%3C/pre%3E'/*QUESTION_DESC <CLOB>*/,
'20170508'/*CREATED <TIMESTAMP>*/,
0/*USERID <INTEGER>*/,
1/*TAGID <INTEGER>*/
);
Above command i'm using for pushing data to db. QUESTION_DESC string i've encoded.original string is
<p>this kind of text i'm storing into database</p><pre class="code-
pre">var uri = "my test.asp?name=ståle&car=saab";
var enc = encodeURI(uri);
var dec = decodeURI(enc);
var res = enc + "<br>" + dec;
</pre>
Help will be appriciated
This was quite simple when i tried posting html code from middle ware.
The problem is when i tried to post an html code to database it was showing error because of some random double quotes. So while sending that html code from middle ware i just replaced the double quotes to ignore double quotes. i did like
my html code to be stored in db
var htmlCodeToBeStored =
"<p>this kind of text i'm storing into database</p><pre class="code-
pre">var uri = "my test.asp?name=ståle&car=saab";
var enc = encodeURI(uri);
var dec = decodeURI(enc);
var res = enc + "<br>" + dec;
</pre>"
I replaced above string with as below
htmlCodeToBeStored = htmlCodeToBeStored.replace(/"/g, "\"")
with that simple change i'm able to store my ans into data base.
I have the following code in Javascript to encrypt a string using a key:
des.js is this: http://www.tero.co.uk/des/code.php
<script src="/js/des.js"></script>
<script>
var key = '12345678';
var message = 'hello world';
var ciph = des(key, message, 1, 0);
ciph = stringToHex(ciph);
console.log("Encrypted Result: " + ciph);
</script>
Then I send it server side and attempt to decrypt with this PHP code:
$key = '12345678';
$hexa = '0x28dba02eb5f6dd476042daebfa59687a'; /This is the output from Javascript
$string = '';
for ($i=0; $i < strlen($hexa)-1; $i+=2) {
$string .= chr(hexdec($hexa[$i].$hexa[$i+1])); }
echo mcrypt_decrypt(MCRYPT_DES, $key, $string, MCRYPT_MODE_ECB);
Ive tried converting it to utf8, changing encoding, changing the hex decoding, etc, but it always comes out gibberish, sometimes as nonreadable characters, other times as readable but nonsense.
The way to decrypt the string is not working properly, try this:
$key = '12345678';
$hexa = '0x28dba02eb5f6dd476042daebfa59687a';
function hexToString ($h) {
$r = "";
for ($i= (substr($h, 0, 2)=="0x")?2:0; $i<strlen($h); $i+=2) {$r .= chr (base_convert (substr ($h, $i, 2), 16, 10));}
return $r;
}
echo mcrypt_decrypt(MCRYPT_DES, $key,hexToString('0x28dba02eb5f6dd476042daebfa59687a'), MCRYPT_MODE_ECB);
The output will be: hello world
This way work properly, however, you should search another method to encrypt your data, in your script the key (12345678) and your encrypt method is visible to everyone.
Data to be encrypted with a block cipher such as DES or AES must be an exact multiple of the block size in length. The solution is to add padding to the data to be encrypted, PKCS#5 padding is the usual padding for DES and probably the default for Javascript. Unfortunately mcrypt does not support PKCS#5 padding, only a non-standard zero padding.
Potential solutions:
Use a better encryption function than mcrypt, see the comment to the question.
Specify no padding in Javascript and manually add zero padding.
Specify no padding in mcrypt and remove the padding manually.
It is better tospecify all options and no to rely on defaults.
I have a JavaScript client which needs to send data to the server which will then save it as a file.
The client doesn't allow websockets so I've tried using JSON to post it then save it using PHP on the server but as the data on the JavaScript client is a Uint32Array PHP doesn't understand what it is.
This is what I have on the client side
var arrayData = new Uint32Array(256);
...
var formdata = new FormData();
formdata.append("data" , JSON.stringify(arrayData));
var xhr = new XMLHttpRequest();
xhr.open( 'post', 'receive.php', true );
xhr.send(formdata);
Then on the server
<?php
if(!empty($_POST['data'])){
$data = json_decode($_POST['data']);
$fname = mktime() . ".txt";//generates random name
file_put_contents("upload/" .$fname, data);
}
?>
All I get in the text file is 'data' and a PHP error in the logs
'Use of undefined constant data - assumed 'data'
I've no idea how to get PHP to write this as binary data so any help would be greatly appreciated!
Replace this line:
file_put_contents("upload/" .$fname, data);
With:
file_put_contents("upload/" .$fname, $data);
You just forgot a $ to make data a variable, and PHP was searching for a constant named data. Not finding it, it assumed (ahhh, PHP!) that you wanted to write "data" (a string).
Added: how to save binary data from your sample
// Parse the JSON. $input would be $_POST['data'] for you
$json = json_decode($input);
// This variable contains the string that we'll write to the file
$write = '';
// Loop through the array
for($i = 0; $i < $json->length; $i++) {
// Append the binary number to $write
// Note for pack(): 32-bit unsigned integers can be represented with:
// L -> machine byte order
// N -> big endian
// V -> little endian
$write .= pack('V', $json->{$i});
}
// Then write $write to file
file_put_contents("upload/" .$fname, $write);
I am using encodeURIComponent() (and encodeURI() for e-mails) to take inputs safely from the user, and am then sending the output to php via ajax. The php processes it and puts this escaped sting into a $_SESSION[] which I then to to echo later. I was wondering if it was possible to print this to html normally, and then have html ignore anything inside it being code (e.g. would be treated as text instead of a tag) or even combine these two steps. I think the format for JavaScript encoding is different than that of php, so this might be an issue, but if it is, what would be the best way to change these stings in php (I'm storing these escaped strings in MySQL)?
Thanks in advance.
Theese are the functions I use when I handle strings from users in php.
save is for save to database,
edit is editing in input/textareas
show is to write it out showing the tags as text in html.
// SAVE DATA
function save($str)
{
return mysql_real_escape_string($str);
}
//############################################################################
// EDIT DATA
function edit($str)
{
$patterns[0] = '/</';
$patterns[1] = '/>/';
$patterns[2] = '/"/';
$patterns[3] = "/'/";
$replacements[0] = '<';
$replacements[1] = '>';
$replacements[2] = '"';
$replacements[3] = ''';
$str = preg_replace($patterns, $replacements, $str);
$str = trim($str);
return stripslashes(stripslashes(str_replace('\r\n', '
', $str)));
}
//############################################################################
// SHOW DATA
function show($str)
{
$patterns[0] = '/</';
$patterns[1] = '/>/';
$patterns[2] = '/"/';
$patterns[3] = "/'/";
$replacements[0] = '<';
$replacements[1] = '>';
$replacements[2] = '"';
$replacements[3] = ''';
$str = preg_replace($patterns, $replacements, $str);
$str = trim($str);
return stripslashes(stripslashes(str_replace('
', '<br />', $str)));
}
play around with it and see if it works for you :)