Hi friends, I'm trying to get an encrypting program working to possibly use for password insertion into a db. I set up a function that runs str_replace on a string (user supplied) two times. It searches for a single letter or number, and replace it with a pair. The next str_replace searches that new string for different pairs, and replaces them with a three-character string (symbol, character, character). I'm using % as my symbol, so I'm pretty sure this isn't the issue. It encodes, but the resulting string is way longer than expected! I set sup a decode function, with the same str_replace values, just with the replaces flipped. This works to return to me my original value, but I have to decode about 6 times (after encoding once). Basically, running a string through the encoding function will decode back to its original value, but I have to run it through the decode function multiple times to do so. Here is an example of my code: [code] <?php //ENCRYPT FUNCTIONS function format_string($string,$functions) { $funcs = explode(",",$functions); foreach ($funcs as $func) { if (function_exists($func)) $string = $func($string); } return $string; } function enc_string($string) { $search = array("a","b","c","d","e","f","g","h","i",".........."); //62 values $replace = array("j9","k8","q7","v6","..........."); //62 values $string = str_replace($search, $replace, $string); $search2 = array("9k","8q","7v","6w","5x","4y","3z","2j","................"); // 126 values $string = str_replace($search2, $replace2, $string); return $string; } function scrub($input) { $string = format_string($input,"strip_tags,trim"); $string = enc_string($string); return $string; } if(isset($_POST['input'])) { $input = $_POST['input']; $enc_password = scrub($input); } //DECRYPT FUNCTIONS function format_string2($string2,$functions) { $funcs = explode(",",$functions); foreach ($funcs as $func) { if (function_exists($func)) $string2 = $func($string2); } return $string2; } function dec_string($string2) { $search3 = array("%A1","%B2","%C3","........"); // 126 values $replace3 = array("9k","8q","7v","......."); //126 values $string2 = str_replace($search3, $replace3, $string2); $search4 = array("j9","k8","q7","......"); //62 values $replace4 = array("a","b","c","..........."); //62 values $string2 = str_replace($search4, $replace4, $string2); return $string2; } function scrub_set2($input2) { $string2 = format_string2($input2,"strip_tags,trim"); $string2 = dec_string($string2); return $string2; } if(isset($_POST['input2'])) { $input2 = $_POST['input2']; $dec_password = scrub_set2($input2); } ?> <body> <form (posts to itself) > <input type="text" name="input" id="input" value="<?php if(isset($input)) echo $input; ?>" /> <input type="text" name="output" id="output" value="<?php if(isset($enc_password)) echo $enc_password; ?>" <?php if(!isset($enc_password)) echo "readonly='readonly'"; ?> /> <input type="submit" name="submit" value="Encrypt" /> [/code] I have a feeling that php is running the functions through the str_replace functions multiple times. It doesn't seem to mess with the unique-ness I had to build into it (in order to preserve the string for decoding), but it makes me nervous if it runs it through multiple times. Does anyone know why the encoding step results in such a long string? And why do I have to run decode on the result so many times to change it back? Any and all help would be greatly appreciated!