Unable to decrypt email address using openssl_decrypt & AES in PHP

Time:08-26

I'm trying to create an unsubscribe link for my email marketing system. In the email I created an unsubscribe button and after it's clicked I'm trying to pass the email address and table id via the URL, with encryption like below:

<?php 

$email_id = '123456';
$addto = '[email protected]';

$email_id= openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto= openssl_encrypt("$addto", "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

 ?>

After clicking the button, the URL looks like this:

https://sub.example.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c  EIhg==

unsbscribe.php:

<?php

$eid    = $_GET['id'];
$eaddr  = $_GET['eadd'];

$eid    = openssl_decrypt($eid, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$eaddr  = openssl_decrypt($eaddr, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

?>
<p>Your Email Address is <address><?php echo $eaddr; ?></address></p>
<p>Your Id is: <?php echo $eid; ?></p>

Please check this link to my real project, which also outputs the $_GET data and the unencrypted data: https://ems.vozcodex.com/unsbscribe.php?id=bK2XGnJms0rzPuQOpvauGw==&eadd=WoN/K2t4xjKb057c EIhg==

Using

var_dump($_GET);
Result: array(2) { ["id"]=> string(24) "bK2XGnJms0rzPuQOpvauGw==" ["eadd"]=> string(24) "WoN/K2t4xjKb057c EIhg==" }

I'm only able to decrypt the table id, which is '123456', but not the email address. I tried various openssl_decrypt methods but am unable to decrypt the email address. The email address always comes back empty.

Can you please help point out the issue? I am using PHP 7.4 (ea-php74).

CodePudding user response:

It seems encoding of the + signs went wrong. Try url-encoding the encrypted values properly when generating the URL for the email, as suggested by Topaco in the comments. + (and several other characters) has a special meaning in URLs.

e.g. something like:

$email_id = openssl_encrypt($email_id, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");
$encto = openssl_encrypt($addto, "AES-256-CBC", "25c6c7ff35b9979b151f2136cd13b0ff");

$url = "https://sub.example.com/unsbscribe.php?id=".urlencode($email_id)."&eadd=".urlencode($encto);
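
The failure and the fix from the answer above, reproduced offline as an added PHP example (not code from the question or the answer). The helper names make_token, read_token and query_param, the key and the address are constructed for the demo, and unlike the page's snippets it passes a random IV that travels with the ciphertext.

```php
<?php
// Added example; helper names are hypothetical, key and address are constructed.

function make_token(string $plain, string $key): string {
    $iv = random_bytes(openssl_cipher_iv_length('AES-256-CBC'));
    $ct = openssl_encrypt($plain, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
    return base64_encode($iv . $ct);   // standard base64: may contain '+', '/' and '='
}

function read_token(string $token, string $key) {
    // base64_decode() silently skips a space, so a mangled '+' shortens the data
    $raw = base64_decode($token);
    if ($raw === false || strlen($raw) < 32) {
        return false;                  // need a 16-byte IV plus at least one block
    }
    $iv = substr($raw, 0, 16);
    $ct = substr($raw, 16);
    return openssl_decrypt($ct, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
}

// The value the receiving script would find in $_GET[$name] for this URL:
// parse_str() applies the same query-string decoding, turning '+' into a space.
function query_param(string $url, string $name): ?string {
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params[$name] ?? null;
}

$key   = random_bytes(32);             // constructed 256-bit key
$email = 'user@example.com';           // constructed address

// Keep generating until the token contains '+', the character that breaks the link.
do {
    $token = make_token($email, $key);
} while (strpos($token, '+') === false);

$base     = 'https://sub.example.com/unsbscribe.php?eadd=';
$raw_url  = $base . $token;            // concatenated as in the question
$safe_url = $base . urlencode($token); // encoded as in the answer

$got_raw  = query_param($raw_url, 'eadd');
$got_safe = query_param($safe_url, 'eadd');

// Raw link: the token arrives altered and no longer decrypts.
var_dump($got_raw === $token, read_token($got_raw, $key));
// Encoded link: the token arrives intact and decrypts to the address.
var_dump($got_safe === $token, read_token($got_safe, $key));
```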