Fatal编程技术网
  • cakephp/
  • CakePHP 1.3.0 Cookie值未解密

CakePHP 1.3.0 Cookie值未解密

cakephp cookies

CakePHP 1.3.0 Cookie值未解密,cakephp,cookies,Cakephp,Cookies,在Firefox中查看cookies时,我注意到我保存的值是加密的。CakePHP手册指出,默认情况下,在write()上对值进行加密。我的假设是它们会在read()上自动解密。我似乎在医生身上找不到任何线索 还有其他人遇到过这个问题吗?我肯定我错过了什么。。设置的值是整数是否重要 我已经相应地设置了Cookie组件的键 $this->Cookie->key = 'qs#$XOw!'; 如果您安装了Suhosin安全补丁,由于某种原因,解密根本不起作用。对该问题和潜在修复的引用:在

在Firefox中查看cookies时,我注意到我保存的值是加密的。CakePHP手册指出,默认情况下,在
write()
上对值进行加密。我的假设是它们会在
read()
上自动解密。我似乎在医生身上找不到任何线索

还有其他人遇到过这个问题吗?我肯定我错过了什么。。设置的值是整数是否重要

我已经相应地设置了Cookie组件的键

$this->Cookie->key = 'qs#$XOw!';
如果您安装了Suhosin安全补丁,由于某种原因,解密根本不起作用。对该问题和潜在修复的引用:

在CakePHP 2.2版中更改

已添加“rijndael”加密类型。这为我解决了问题

历史记录:

class AppController extends Controller {

    function beforeFilter() 
    {
        // Using "rijndael" encryption because the default "cipher" type of encryption fails to decrypt when PHP has the Suhosin patch installed. 
        // See: http://cakephp.lighthouseapp.com/projects/42648/tickets/471-securitycipher-function-cannot-decrypt
        $this->Cookie->type('rijndael');

        // When using "rijndael" encryption the "key" value must be longer than 32 bytes.
        $this->Cookie->key = 'qSI2423424ASadsadasd2131242334SasdadAWQEAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';

        // Works
        $result = $this->Cookie->read('Test.rijndael');
        var_dump($result);
        $this->Cookie->write('Test.rijndael', 'foo');

        // Fails
        $this->Cookie->type('cipher');
        $result = $this->Cookie->read('Test.cipher');
        var_dump($result);
        $this->Cookie->write('Test.cipher', 'foo');
    }
}

测试:

class AppController extends Controller {

    function beforeFilter() 
    {
        // Using "rijndael" encryption because the default "cipher" type of encryption fails to decrypt when PHP has the Suhosin patch installed. 
        // See: http://cakephp.lighthouseapp.com/projects/42648/tickets/471-securitycipher-function-cannot-decrypt
        $this->Cookie->type('rijndael');

        // When using "rijndael" encryption the "key" value must be longer than 32 bytes.
        $this->Cookie->key = 'qSI2423424ASadsadasd2131242334SasdadAWQEAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';

        // Works
        $result = $this->Cookie->read('Test.rijndael');
        var_dump($result);
        $this->Cookie->write('Test.rijndael', 'foo');

        // Fails
        $this->Cookie->type('cipher');
        $result = $this->Cookie->read('Test.cipher');
        var_dump($result);
        $this->Cookie->write('Test.cipher', 'foo');
    }
}
就是这样。仅供参考,如果您与我一样不熟悉PHP安装,您可以通过检查
phpinfo()来查看是否安装了Suhosin修补程序完全正确!这是我的问题:
Security::cipher()
中使用的
srand()
在生产环境中不起作用。如果您已升级到CakePHP 2.2版,请参阅下面我的答案:关于
rijndael
加密类型。