home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Book HomePHP CookbookSearch this book
PreviousNext

14.3. Obscuring Data with Encoding

14.3.1. Problem

You want to prevent data being viewable as plaintext. For example, you don't want hidden form data to be revealed simply by someone viewing the source code of a web page.

14.3.2. Solution

Encode the data with base64_encode( ): 

$personal_data = array('code' => 5123, 'blood_type' => 'O');
$info = base64_encode(serialize($personal_data));
print '<input type="hidden" name="info" value="'.$info.'">';
<input type="hidden" name="info"
value="YToyOntzOjQ6ImNvZGUiO2k6NTEyMztzOjEwOiJibG9vZF90eXBlIjtzOjE6Ik8iO30=">

Decode the data with base64_decode( ) : 

$personal_data = unserialize(base64_decode($_REQUEST['info']));
get_transfusion($personal_data['blood_type']);

14.3.3. Discussion

The Base64 algorithm encodes data as a string of letters, numbers, and punctuation marks. This makes it ideal for transforming binary data into a plaintext form and also for obfuscating data.

14.3.4. See Also

Documentation on base64_encode( ) at http://www.php.net/base64-encode and base64_decode( ) at http://www.php.net/base64-decode; the Base64 algorithm is defined in RFC 2045, available at http://www.faqs.org/rfcs/rfc2045.html.

PreviousHomeNext
14.2. Keeping Passwords Out of Your Site FilesBook Index14.4. Verifying Data with Hashes
Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.