Php mcrypt_decrypt () problem
I am passing information from one page to another using the following php code.
Index.php page:
<?php
include("secure/content/database/db.php");
$sql = mysql_query("SELECT * FROM press");
while($re = mysql_fetch_array($sql))
{
$id= (int) $re['id'];
$key = "bladeyeshibbir?1%59";
$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)
$encrypted_data=mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $id, MCRYPT_MODE_ECB, $iv);
$id = urlencode(base64_encode($encrypted_data));
$page = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));
echo "<li><a href='press.php?id=$id&request=$md'>$page</a></li>";
}
?>
Press.php page
<?php
include("secure/content/database/db.php");
include("header.php");
$id = $_REQUEST["id"];
$key = "bladeyeshibbir?1%59#";
$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM)
$decrypted_data=mcrypt_decrypt(MCRYPT_3DES, $key, $id, MCRYPT_MODE_CBC, $iv);
$url_id = base64_decode(urldecode($decrypted_data));
$request = $_REQUEST['request'];
$sql = mysql_query("SELECT * FROM press WHERE id='$url_id' ");
$re = mysql_fetch_array($sql);
$pagename = mysql_real_escape_string(trim($re['pagename']));
$content = mysql_real_escape_string(trim($re['content']));
echo "<title>$pagename</title>";
echo $content;
include("fotter.php");
?>
BUT I am getting this error:
Warning: mcrypt_decrypt () [function.mcrypt-decrypt]: trying to use empty IV which is NOT recommended in C: \ xampp \ htdocs \ audock \ press.php on line 10.
In fact, I want to prevent the user from seeing the actual value of the query string variable.
+3
source to share